tags:

views:

161

answers:

1
+2  Q: 

How can I sanitize Erlang input?

I was playing around with the erlang shell today and noticed that I could do command injections, something like the following:

io:get_chars("Cmd> ", 3).
Cmd> Dud List=[3,4,5]. io:get_line("I just took over your shell!").

Is there a way to sanitize the get_chars function's input so this isn't possible?

+5  A: 

you aren't really doing command injections. io:get_chars("Cmd> ", 3). simply does it's job: read 3 characters from the input stream. everything entered after these is processed by the erlang shell as part of the normal read-eval-print loop.

 2009-07-14 11:14:40

related questions

XSLT multiple file inputs?
How do you rate-limit an IO operation?
Java: Reading an ASCII file with FileChannel and ByteArrays.
What is the best epoll/kqueue/select equvalient on Windows?
Disk Activity in Applescript
How do I create an in-memory Handle in haskell?
Starting a process with inherited stdin/stdout/stderr in Java 6
How to add a Timeout to Console.ReadLine()?
When can DataInputStream.skipBytes(n) not skip n bytes?
fprintf return success but can't write to an existin file
Easy way to write contents of a Java InputStream to an OuptutStream
How to find out if a file exists in C# / .NET?
Is there a reason to use BufferedReader over InputStreamReader when reading all characters?
Binary buffer in Python
Hooking my program with windows explorer's rename event
"All Users" Folder
Implementing a log watcher
I/O permission settings using .net installer
How do you place a file in recycle bin instead of delete?
Creating tempory folders
Send messages to program through command line
Why doesn't Ruby have a real StringBuffer or StringIO?
How do you determine the size of a file in C?
How do you open a file in C++?
How to check For File Lock in C# ?