Re: Can System() of Perl be bypassed?

From: Brian Reichert (reichertat_private)
Date: Tue Jan 28 2003 - 14:58:24 PST

  • Next message: mlhat_private: "Re: safe strcpy()?"

    On Tue, Jan 28, 2003 at 04:35:30PM -0600, NESTING, DAVID M (SBCSI) wrote:
    > >	open2(\*READ, \*WRITE, '/bin/grep', $sanitized_arg,
    > >		"/usr/dict/words") or die;
    > 
    > Note also that in 5.8, if all you're interested in is STDOUT, Perl lets you
    > do this:
    > 
    > open(FH, "-|", "/bin/grep", $sanitized_arg, "/usr/dict/words") or die ...;
    > 
    > This is somewhat equivalent to doing the fork and exec in list form, which
    > would not invoke the shell to parse the command string.
    
    I wrote System2 to collect STDOUT and STDERR, in a manner that
    bypasses the shell as well.  Output is returned in a a scalar, not
    a FH, which an important distinction.
    
      use System2;
      my ($out, $err) = system2("/bin/grep", $sanitized_arg, "/usr/dict/words");
      my ($exit_value, $signal_num, $dumped_core) = &System2::exit_status($?)
    
    See <http://search.cpan.org/author/REICHERT/System2-0.82/System2.pm>
    
    Same kinda approach, and behaves on older perl versions.
    
    -- 
    Brian 'you Bastard' Reichert		<reichertat_private>
    37 Crystal Ave. #303			Daytime number: (603) 434-6842
    Derry NH 03038-1713 USA			BSD admin/developer at large	
    



    This archive was generated by hypermail 2b30 : Tue Jan 28 2003 - 15:06:59 PST