Ian Jackson: > Ian Jackson writes ("Re: Potentially insecure Perl scripts"): >> Even if we care only about scripts which are part of Debian, rather >> than scripts which people merely expect to run on Debian (and where >> they trust Debian to not blow their leg off), there will probably be >> many thousands. > > I asked codesearch about > while.*\<\> > and got 10780 results. >
Hi, I had a similar thought but tried a slightly more complex pattern: (while\s*|for(each)?\s*(my)?\s*\$.*)\(.*<>\s*\) The pattern also tries to cover "for" and "foreach" while also being more strict to prune false positives (C++ templates, Pascal and SQL trip naive searches for "<>"). This variant still puts us in the 3000 - 4000 results, which (while being less than half of the original number) is far more than is likely to be resolved manually in a reasonable time frame. Thanks, ~Niels