On Sun, Mar 03, 2019 at 01:21:49PM +0000, Ralph Corderoy wrote: > Hi Colin, > > > Perl's "open" documentation even notes for the "< $file\0" trick that > > "this may not work on some bizarre filesystems", which suggests to me > > that such a robust proof isn't possible. > > No, that's a misquote. > > $file =~ s#^(\s)#./$1#; > open(my $fh, "< $file\0") > || die "Can't open $file: $!"; > > (this may not work on some bizarre filesystems). > > The `bizarre' bit is referring to non-POSIX filesystems that don't like > `./' as a prefix for the current directory.
Thanks for the correction (I would say it was a misreading rather than a misquote, since it genuinely wasn't clear to me). It's true that the ./ part doesn't need to be considered in our case. > > we're trying to come up with ways to add extra characters to its input > > that suppress that magic. > > We're using the method described in documentation written by Tom > Christiansen and his pedigree says to me that's sufficient. I agree in > general one looks for a certain way to be safe, but this seems the > accepted Perl idiom. Tom indeed has a fine pedigree, but even very competent people can be wrong, which is why I look for convincing proofs instead. To be honest, even with a proof I think I would still prefer my manual construction, since it requires less effort to convince oneself that it's safe. > > https://groups.google.com/forum/message/raw?msg=comp.lang.perl.misc/0tqkwns3aaw/auWXakdD1S0J > > If magic `open' is a bit too magical for you, you don't have to turn > to `sysopen'. It's worth noting that Tom posted this in 1999, which was before the three-argument form of open was introduced in Perl 5.6 (March 2000). Nowadays it would be strange (perhaps even a strawman) to make this argument, because if "magic" two-argument open is too magical for you, then the obvious next thing to use is the non-magical three-argument open, not sysopen. So, even if that document from 1999 remains authoritative on how to perform safe escaping, I don't think it's any longer authoritative on style. The modern perlopentut(1) still carries Tom's copyright notice (now from 2013) and doesn't mention the two-argument form of open at all; that's been relegated to more detailed reference documentation. -- Colin Watson [cjwat...@debian.org]
