re-engine-Plugin
view release on metacpan or search on metacpan
callbacks:
use re::engine::Plugin (
exec => sub {
my ($re, $str) = @_; # $str is tainted
$re->num_captures(
FETCH => sub {
my ($re, $paren) = @_;
# This is perl's engine doing the match
$str =~ /(.*)/;
# $1 has been untainted
return $1;
},
);
},
);
The second is to use something like L<Taint::Util> which flips the
built-in regex engine in the scope of the overriding engine's callbacks:
use re::engine::Plugin (
exec => sub {
my ($re, $str) = @_; # $str is tainted
$re->num_captures(
FETCH => sub {
my ($re, $paren) = @_;
# This is perl's engine doing the match
$str =~ /(.*)/;
# $1 has been untainted
return $1;
},
);
},
);
The second is to use something like Taint::Util which flips the taint
( run in 0.568 second using v1.01-cache-2.11-cpan-49f99fa48dc )