Prev: FAQ 9.14 How do I make sure users can't enter values into a form that cause my CGI script to do bad things?
Next: FAQ 5.3 How do I count the number of lines in a file?
From: PerlFAQ Server on 20 Jul 2010 18:00 This is an excerpt from the latest version perlfaq8.pod, which comes with the standard Perl distribution. These postings aim to reduce the number of repeated questions as well as allow the community to review and update the answers. The latest version of the complete perlfaq is at http://faq.perl.org . -------------------------------------------------------------------- 8.28: How can I call backticks without shell processing? This is a bit tricky. You can't simply write the command like this: @ok = `grep @opts '$search_string' @filenames`; As of Perl 5.8.0, you can use "open()" with multiple arguments. Just like the list forms of "system()" and "exec()", no shell escapes happen. open( GREP, "-|", 'grep', @opts, $search_string, @filenames ); chomp(@ok = <GREP>); close GREP; You can also: my @ok = (); if (open(GREP, "-|")) { while (<GREP>) { chomp; push(@ok, $_); } close GREP; } else { exec 'grep', @opts, $search_string, @filenames; } Just as with "system()", no shell escapes happen when you "exec()" a list. Further examples of this can be found in "Safe Pipe Opens" in perlipc. Note that if you're using Windows, no solution to this vexing issue is even possible. Even if Perl were to emulate "fork()", you'd still be stuck, because Windows does not have an argc/argv-style API. -------------------------------------------------------------------- The perlfaq-workers, a group of volunteers, maintain the perlfaq. They are not necessarily experts in every domain where Perl might show up, so please include as much information as possible and relevant in any corrections. The perlfaq-workers also don't have access to every operating system or platform, so please include relevant details for corrections to examples that do not work on particular platforms. Working code is greatly appreciated. If you'd like to help maintain the perlfaq, see the details in perlfaq.pod. |