| Subject: | Regexp causes perl to evaluate any number with a leading zero as an octal number |
When trying to pass strings with leading zeros to javascript, the regular expression "/^-?(\d+\.?\d*|\.\d+)([eE]-?\d+)?$/" matches and causes perl to eval the string. In the case of "003", the perl eval dies and the javascript code produced is something like "var myvar = ;" which causes javascript to die.
I've submitted a patch that fixes the regexp so that it doesn't match invalid numbers.
--- 207225 2005-11-10 08:45:19.000000000 -0800
+++ 207325 2005-11-10 08:45:55.000000000 -0800
@@ -1,4 +1,4 @@
-//depot/main/Appliance/mainline-unstable/src/pmx/cpan-packages/Data-JavaScript/JavaScript.pm#1 - branch change 204917 (text)
+//depot/main/Appliance/mainline-unstable/src/pmx/cpan-packages/Data-JavaScript/JavaScript.pm#4 - edit change 207325 (text)
package Data::JavaScript;
use strict;
@@ -55,7 +55,7 @@
if(! defined($elem) ){
return "$sym = @{[defined($undef) ? $undef : $UNDEF]};";
}
- elsif ($elem =~ /^-?(\d+\.?\d*|\.\d+)([eE]-?\d+)?$/) {
+ elsif ($elem =~ /^-?((([1-9]+\d*)|0)(\.\d*)?|\.\d+)([eE]-?\d+)?$/) {
return "$sym = " . eval($elem) . ";";
}
return "$sym = '" . quotemeta($elem) . "';";