eval is evil in both Perl and JavaScript

So you can do this in both languages:

eval ('$product = 6 * 12');

Avoid this kind of code. The string is compiled and executed at runtime, so if you are ever unsure what could end up in the dynamic string, this can be a very dangerous thing to do. Avoid it entirely; there is always a better way to code this.
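One such better way for the arithmetic case, shown in JavaScript as an added example that is not part of the original post: parse the string with a small evaluator that only understands numbers and operators, so nothing else in it can run. The names `unsafeCalc`, `tokenize`, `safeCalc` and `tryCalc`, the 200-character cap and the sample inputs are assumptions made for the illustration.

```javascript
// The pattern the post warns about: the string is compiled and run as code.
const unsafeCalc = (expr) => eval(expr);

// Split into numbers, operators and parentheses; anything else is rejected.
function tokenize(expr) {
  if (expr.length > 200) throw new RangeError("expression too long"); // assumed cap
  const re = /\s*(\d+(?:\.\d+)?|[-+*\/()])\s*/y; // sticky: must match at lastIndex
  const tokens = [];
  while (re.lastIndex < expr.length) {
    const pos = re.lastIndex, m = re.exec(expr);
    if (!m) throw new SyntaxError("unexpected input at offset " + pos);
    tokens.push(m[1]);
  }
  return tokens;
}

// Recursive-descent evaluator for + - * /, unary minus and parentheses.
function safeCalc(expr) {
  const tokens = tokenize(expr);
  let i = 0;
  function primary() {
    const t = tokens[i++];
    if (t === "-") return -primary();
    if (t === "(") {
      const v = sum();
      if (tokens[i++] !== ")") throw new SyntaxError("expected )");
      return v;
    }
    if (t === undefined || !/^\d/.test(t)) throw new SyntaxError("expected a number");
    return Number(t);
  }
  function product() {
    let v = primary();
    while (tokens[i] === "*" || tokens[i] === "/") v = tokens[i++] === "*" ? v * primary() : v / primary();
    return v;
  }
  function sum() {
    let v = product();
    while (tokens[i] === "+" || tokens[i] === "-") v = tokens[i++] === "+" ? v + product() : v - product();
    return v;
  }
  const result = sum();
  if (i !== tokens.length) throw new SyntaxError("unexpected token " + tokens[i]);
  return result;
}
// Constructed inputs: the second carries a statement after the arithmetic.
const samples = ["6 * 12", "6 * 12; globalThis.sideEffect = 'ran'"];
const tryCalc = (e) => { try { return safeCalc(e); } catch (err) { return err.name; } };
console.log(samples.map(tryCalc));
```

With `unsafeCalc`, the second sample would execute the trailing assignment; `safeCalc` stops at the first character that is not part of an arithmetic expression.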


One thought on “eval is evil in both Perl and JavaScript”


  1. Hello,
    I have heard about this before, similar to PHP’s sanitizing function. Is there a “sanitizing” technique in Perl?
    And.. I do realize what the risks are.. executing arbitrary code. However, how is that arbitrary code injected into the script execution?
    Perl noob and enthusiast here 🙂

    Liked by 1 person
