Gossamer Forum: General: Perl Programming: Re: [pedge] Insecure dependency in taint mode: Edit Log

Gossamer Threads

Home : General : Perl Programming :

General: Perl Programming: Re: [pedge] Insecure dependency in taint mode: Edit Log

Here is the list of edits for this post

Dec 10, 2003, 9:21 AM

Coombes

Novice (35 posts)

Dec 10, 2003, 9:21 AM

Re: [pedge] Insecure dependency in taint mode

The error occurs because you aren't taint checking your input. Taint checking can be a bit of a hassle, as is hunting down warnings but it is a necessary step in order to make your code secure.

So basically what you need to do is validate the tainted variable by using something like this:

Code:
$code =~ /^(some_safe_regex)$/ and code = $1;

That should fix the problem.

It's not to do with your SQL code as Andy pointed out Wink

Last edited by:

Coombes: Dec 10, 2003, 9:23 AM

Edit Log:

Post edited by Coombes Post edited by Coombes (Novice) on Dec 10, 2003, 9:21 AM
Post edited by Coombes Post edited by Coombes (Novice) on Dec 10, 2003, 9:22 AM
Post edited by Coombes Post edited by Coombes (Novice) on Dec 10, 2003, 9:23 AM

Gossamer Threads is a Vancouver-based company with over 28 years experience in web technology. From development to hosting, we partner with leading organizations around the globe and help to build their web presences, strategies and infrastructures.

Let’s talk: 1-877-715-7676