However there is still one side-topic I think I'm right about...
Dave Mitchell wrote:
On Mon, Nov 15, 2004 at 06:17:44PM +0000, Brian McCauley wrote:
>> no re 'eval'; >> $foo =~ '(?{ $x = 1 })';
In a perfectly consitant world [the above] should be an error.
No it shouldn't. The basic guiding principle is that if the code is contained within a literal string, then you don't need use re 'eval'. If it's the result of an expression, then it's suspect.
No. The basic guiding principle is that if the code is contained within a literal _regex_, then you don't need use re 'eval'. If it's the result of an expression, then you should need use re 'eval'. Just because an expression consists of a literal string constant should not (ideally) make a difference. On the other hand it's not a serious problem if (as an artifact of optomisation) it does make a difference since it does not introduce an real security problems.
Please consider the following...
no re 'eval';
use constant const => 1; # Inlinable
sub func { 1 }; # Not inlineable 'xxx' =~ ( const() ? '(?{ 1 })' : '.' ); # OK
'xxx' =~ ( func() ? '(?{ 1 })' : '.' ); # ErrorCan you really claim that this is doing "The Right Thing" (as opposed to doing an OK thing due to an artifact)?
