January 2019 Archives

Untrusted Numeric Input

David Farrell's Perl.com article got me thinking, specifically about the role of \d in sanitizing input. I am not going to talk here about looks_like_number(), because the referenced article covers it.

The thing is, on any Perl recent enough to be Unicode-aware, \d matches digits, whether or not they are ASCII. This m…

About Tom Wyant

user-pic I blog about Perl.