Velocity Reviews > Perl > Expression Problem

# Expression Problem

Noname
Guest
Posts: n/a

 08-10-2004
Hi,
I have input from STDIN like \$Input="1-5,6,8,10-15";
which actually needs to be interpreted as an
array=1,2,3,4,5,6,8,10,11,12,13,14,15
how can it be done,

Anno Siegel
Guest
Posts: n/a

 08-10-2004
Noname <(E-Mail Removed)> wrote in comp.lang.perl.misc:
> Hi,
> I have input from STDIN like \$Input="1-5,6,8,10-15";
> which actually needs to be interpreted as an
> array=1,2,3,4,5,6,8,10,11,12,13,14,15
> how can it be done,

map /(\d+)-(\d+)/ ? \$1 .. \$2 : \$_, split /,/, \$Input;

Anno

Paul GABORIT
Guest
Posts: n/a

 08-10-2004

À (at) Tue, 10 Aug 2004 07:56:38 GMT,
Noname <(E-Mail Removed)> écrivait (wrote):
> I have input from STDIN like \$Input="1-5,6,8,10-15";
> which actually needs to be interpreted as an
> array=1,2,3,4,5,6,8,10,11,12,13,14,15
> how can it be done,

my @array = map {m/(.*)-(.*)/?(\$1..\$2):\$_} split ',', \$Input;

--
Paul Gaborit - <http://www.enstimac.fr/~gaborit/>
Perl en français - <http://www.enstimac.fr/Perl/>

Sam Holden
Guest
Posts: n/a

 08-10-2004
On Tue, 10 Aug 2004 10:07:54 +0200,
Bernard El-Hagin <(E-Mail Removed)> wrote:
> Noname <(E-Mail Removed)> wrote:
>
>> Hi,
>> I have input from STDIN like \$Input="1-5,6,8,10-15";
>> which actually needs to be interpreted as an
>> array=1,2,3,4,5,6,8,10,11,12,13,14,15
>> how can it be done,

>
>
> my @array = map { s/-/../; eval } split /,/, \$Input;

evaling arbitrary text from STDIN isn't always a great idea. Sometimes
it is - but the in all those cases the user would be told that perl
expressions were expected...

Something like:

my @array = map {/^(\d+)-(\d+)\$/?(\$1..\$2):\$_} split /,/, \$Input;

would be a little safer.

--
Sam Holden

Tassilo v. Parseval
Guest
Posts: n/a

 08-10-2004
Also sprach Bernard El-Hagin:

> Noname <(E-Mail Removed)> wrote:
>
>> Hi,
>> I have input from STDIN like \$Input="1-5,6,8,10-15";
>> which actually needs to be interpreted as an
>> array=1,2,3,4,5,6,8,10,11,12,13,14,15
>> how can it be done,

>
>
> my @array = map { s/-/../; eval } split /,/, \$Input;

Heh, cool. The split() isn't necessary, though:

my @array = map { s/-/../g; eval } \$Input;

Tassilo
--
\$_=q#",}])!JAPH!qq(tsuJ[{@"tnirp}3..0}_\$;//::niam/s~=)]3[))_\$-3(rellac(=_\$({
pam{rekcahbus})(rekcah{lrePbus})(lreP{rehtonabus}) !JAPH!qq(rehtona{tsuJbus#;
\$_=reverse,s+(?<=sub).+q#q!'"qq.\t\$&."'!#+sexisexi ixesixeseg;y~\n~~dddd;eval

gnari
Guest
Posts: n/a

 08-10-2004
"Bernard El-Hagin" <(E-Mail Removed)> wrote in
message news:Xns95416783DCA6Delhber1lidotechnet@62.89.127. 66...
> Noname <(E-Mail Removed)> wrote:
>
> > Hi,
> > I have input from STDIN like \$Input="1-5,6,8,10-15";
> > which actually needs to be interpreted as an
> > array=1,2,3,4,5,6,8,10,11,12,13,14,15
> > how can it be done,

>
>
> my @array = map { s/-/../; eval } split /,/, \$Input;

please do not do this unless you trust the input 100% to
be in the format described.

malicious input (or a mistake) can result in arbitrary code
execution. (think rm -R /)

gnari

gnari
Guest
Posts: n/a

 08-10-2004
"Bernard El-Hagin" <(E-Mail Removed)> wrote in
message news:Xns954174513BF97elhber1lidotechnet@62.89.127. 66...
> "gnari" <(E-Mail Removed)> wrote:
>
> > "Bernard El-Hagin" <(E-Mail Removed)>
> > wrote in message
> > news:Xns95416783DCA6Delhber1lidotechnet@62.89.127. 66...
> >> Noname <(E-Mail Removed)> wrote:
> >>
> >> > Hi,
> >> > I have input from STDIN like \$Input="1-5,6,8,10-15";
> >> > which actually needs to be interpreted as an
> >> > array=1,2,3,4,5,6,8,10,11,12,13,14,15
> >> > how can it be done,
> >>
> >>
> >> my @array = map { s/-/../; eval } split /,/, \$Input;

> >
> >
> > please do not do this unless you trust the input 100% to
> > be in the format described.
> >
> > malicious input (or a mistake) can result in arbitrary code
> > execution. (think rm -R /)

>
>
> That would result in evaling "rm ..R /".

lots of destructive commands do not include a '-'.
in any case , there is no /g in your code, so this
limitation can easily be avoided.

system("ls -;rm -R /")

gnari

Noname
Guest
Posts: n/a

 08-10-2004
Paul GABORIT <(E-Mail Removed)> wrote in
news:(E-Mail Removed):

> Path:
> news2.nokia.com!news1.nokia.com!news2.nokia.com.PO STED!not-for-mail
> Newsgroups: comp.lang.perl.misc
> Subject: Expression Problem
> From: Noname <(E-Mail Removed)>
> User-Agent: Xnews/5.04.25
> Lines: 5
> Message-ID: <Wc%Rc.22142\$(E-Mail Removed)>
> Date: Tue, 10 Aug 2004 07:56:38 GMT
> NNTP-Posting-Host: 172.21.11.70
> X-Complaints-To: http://www.velocityreviews.com/forums/(E-Mail Removed)
> X-Trace: news2.nokia.com 1092124598 172.21.11.70 (Tue, 10 Aug 2004
> 10:56:38 EET DST) NNTP-Posting-Date: Tue, 10 Aug 2004 10:56:38 EET DST
> Organization: Nokia
> Xref: news1.nokia.com comp.lang.perl.misc:285995
>
> Hi,
> I have input from STDIN like \$Input="1-5,6,8,10-15";
> which actually needs to be interpreted as an
> array=1,2,3,4,5,6,8,10,11,12,13,14,15
> how can it be done,

I did had a bad experience with "eval" function so I will surely aviod it ,
and use the one without it ,
thanks for your time and information

gnari
Guest
Posts: n/a

 08-10-2004
"Bernard El-Hagin" <(E-Mail Removed)> wrote in
message news:Xns954187E601E46elhber1lidotechnet@62.89.127. 66...
> "gnari" <(E-Mail Removed)> wrote:
>
> [...]
>
> >> >> my @array = map { s/-/../; eval } split /,/, \$Input;
> >> >
> >> >
> >> > please do not do this unless you trust the input 100% to
> >> > be in the format described.
> >> >
> >> > malicious input (or a mistake) can result in arbitrary code
> >> > execution. (think rm -R /)
> >>
> >>
> >> That would result in evaling "rm ..R /".

> >
> > lots of destructive commands do not include a '-'.

>
>
> I think you took my reply too seriously.

that was on purpose

anyways, the OP seems to have been aware of the
dangers of indiscriminate eval(), so all's well.

gnari

510046470588-0001@t-online.de
Guest
Posts: n/a

 08-10-2004
"gnari" <(E-Mail Removed)> writes:
>
> please do not do this unless you trust the input 100% to
> be in the format described.
>
> malicious input (or a mistake) can result in arbitrary code
> execution. (think rm -R /)

use the Safe module judiciously

Klaus Schilling