08-08-2012
eval is a giant security hole.
If `rm -Rf ~/` ends up in your variables somehow, eval will execute it.
Please explain what you're actually trying to do so we can show you how to avoid the eval.
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
This is what I tried:
vara=${varb}_count
(( vara += 1 ))
Thanks for help (4 Replies)
Discussion started by: pa3be
4 Replies
2. Shell Programming and Scripting
Hi
I have a variable which is a path ie:
UBERROR=/cobwrk/mchr/prodsup/ub/wrk/../error
is there anyway I can get the output of an echo to read:
#echo $UBERROR
/cobwrk/mchr/prodsup/ub/error
instead of
#echo $UBERROR
/cobwrk/mchr/prodsup/ub/wrk/../error
Many thanks! (2 Replies)
Discussion started by: serm
2 Replies
3. UNIX for Dummies Questions & Answers
I would like to know how to pass a variable inside a variable to a function.
sample code below
--------------
for x in 1 9
do
check_null $C$x ##call function to check if the value is null
if
then
echo "line number:$var_cnt,... (2 Replies)
Discussion started by: KingVikram
2 Replies
4. Shell Programming and Scripting
Hi Gurus
I have a file called /tmp/CMDB which looks like this
serial: 0623AN1208
hostname: server1
model: x4100
assetID: 1234
I am writing a for loop that will go through this file line by line creating a variable of itself. Using the first iteration of the loop (i.e. the first line) as... (6 Replies)
Discussion started by: hcclnoodles
6 Replies
5. Shell Programming and Scripting
Hi,
I am trying to do the following thing
var='date'
$var
Above command substitutes date for and in turn runs the date command and i am getting the todays date value.
I am trying to do the same thing as following, but facing some problems,
unique_host_pro="sed -e ' /#/d'... (3 Replies)
Discussion started by: gvinayagam
3 Replies
6. Shell Programming and Scripting
Hi there, i think im getting myself a little confused and need some help :wall:
I am reading in a bunch of variables to my script from an external file and need to validate that a value has been set for each
so if you can imagine, the user is required to pass in 4 values... (3 Replies)
Discussion started by: rethink
3 Replies
7. Shell Programming and Scripting
I am tyring to resolve an environment variable that is part of a string I selected from our database.
Simply put, I want cd to this folder before checking if a file exists.
The variable $in_loc has the value '$PS_HOME/int/VSP' where $PS_HOME is the environment variable.
I am using cd... (6 Replies)
Discussion started by: consult_jb
6 Replies
8. Shell Programming and Scripting
Hi All,
I have below variable,
xyz=\$AI_XFR
Now, if you will run the below command
=> echo $xyz
$AI_XFR
It is returning hardcoded string value.
Whereas in environment, there is value in it. Like below:
=> echo $AI_XFR
/home/aditya/sandbox/xfr/
I need to resolve this... (4 Replies)
Discussion started by: adgangwar
4 Replies
9. Shell Programming and Scripting
My script
----------
for i in `cat n`;do
export k=`echo "CSN: "$i` //combining CSN: and value from n
echo "$k"
awk ''{print "CSN: "$0;}'{_=29}_&&_--' file1|tail -1 >> file2
done
In the above script i cannot able to resolve $k in awk command
file n contains
------------
0000
1111
2222... (2 Replies)
Discussion started by: Mohana29_1988
2 Replies
10. Shell Programming and Scripting
Hi guys,
I have a file "abc.dat" in below format:
FILE_PATH||||$F_PATH
TABLE_LIST||||a|b|c
SYST_NM||||${SRC_SYST}
Now I am trying to read the above file and want to print the value for above dollar variables F_PATH and SRC_SYST. The problem is it's reading the dollar variables as... (5 Replies)
Discussion started by: abcabc1103
5 Replies
LEARN ABOUT CENTOS
perl::critic::policy::builtinfunctions::prohibitstringyeval
Perl::Critic::Policy::BuiltinFunctions::ProhibitStringyEUser3Contributed Perl DocumePerl::Critic::Policy::BuiltinFunctions::ProhibitStringyEval(3)
NAME
Perl::Critic::Policy::BuiltinFunctions::ProhibitStringyEval - Write "eval { my $foo; bar($foo) }" instead of "eval "my $foo; bar($foo);"".
AFFILIATION
This Policy is part of the core Perl::Critic distribution.
DESCRIPTION
The string form of "eval" is recompiled every time it is executed, whereas the block form is only compiled once. Also, the string form
doesn't give compile-time warnings.
eval "print $foo"; # not ok
eval {print $foo}; # ok
CONFIGURATION
There is an "allow_includes" boolean option for this Policy. If set, then strings that look like they only include a single "use" or
"require" statement (with the possible following statement that consists of a single number) are allowed. With this option set, the
following are flagged as indicated:
eval 'use Foo'; # ok
eval 'require Foo'; # ok
eval "use $thingy;"; # ok
eval "require $thingy;"; # ok
eval "use $thingy; 1;"; # ok
eval "require $thingy; 1;"; # ok
eval 'use Foo; blah;'; # still not ok
eval 'require Foo; 2; 1;'; # still not ok
eval 'use $thingy;'; # still not ok
eval 'no Foo'; # still not ok
If you don't understand why the number is allowed, see Perl::Critic::Policy::ErrorHandling::RequireCheckingReturnValueOfEval.
This option inspired by Ricardo SIGNES' Perl::Critic::Policy::Lax::ProhibitStringyEval::ExceptForRequire.
SEE ALSO
Perl::Critic::Policy::ControlStrucutres::RequireBlockGrep
Perl::Critic::Policy::ControlStrucutres::RequireBlockMap
AUTHOR
Jeffrey Ryan Thalhammer <jeff@imaginative-software.com>
COPYRIGHT
Copyright (c) 2005-2011 Imaginative Software Systems. All rights reserved.
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself. The full text of this license
can be found in the LICENSE file included with this module.
perl v5.16.3 2014-06-09 Perl::Critic::Policy::BuiltinFunctions::ProhibitStringyEval(3)