Skip Menu |

This queue is for tickets about the Encode CPAN distribution.

Report information
The Basics
Id: 41211
Status: open
Priority: 0/
Queue: Encode
People
Owner: Nobody in particular
Requestors: MARKOV [...] cpan.org
Cc:
AdminCc:
Bug Information
Severity: Wishlist
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Tue Nov 25 09:17:33 2008 MARKOV [...] cpan.org - Ticket created
Subject: unarm dangerous characters
I am trying to make Sys::Syslog safer. It has two problems: 1) logged strings are passed-on to the kernel in "perl internal format" 2) dangerous characters are not escaped. The first part is easy to solve: just use encode(). The second, however, calls for a module which translates \0x1b into <esc> or \b. Whatever syslog receives is written to logfiles. When root opens these logfiles, the escape codes will get executed. So we have to block escape-codes client-side. So: we need a very simple "encode"-like module to do the job, preferrably written in C. For me, it seems a good plan to have it included in your distribution. But you may have an other solution? Sincerely, MarkOv
  Wed Jan 21 17:40:45 2009 DANKOGAI [...] cpan.org - Status changed from 'new' to 'open'
  Sat Nov 12 19:12:10 2011 chansen [...] cpan.org - Correspondence added
The B.pm module offers two functions that might satisfy this need, cstring() and perlstring(). If you specify your desired escaping I'll take a crack at it. RFC 5137 recommends U+NNNN[N[N]] syntax, <http://tools.ietf.org/html/rfc5137>. -- chansen