Re: [perl #50322] CGITempFile causes "Insecure dependency in sprintf"in perl 5.10.0

Hi,

Dr.Ruud schrieb:
> Steffen Mueller schreef:
> 
>> How about changing the sprintf call to this (untested, but well...):
>>
>> sprintf("\%s${SL}CGItemp%d", $TMPDIRECTORY, $sequence++)
> 
> Why not work out ${SL} as well?
> 
> Even if it is currently guaranteed to never contain anything like "%d",
> etc.

No specific reason. In fact, $SL is the directory separator of the 
system and thus very unlikely to ever contain a format-relevant 
substring. But really, I just made the smallest possible change - it's 
not my code after all. I would probably have written

$TMPDIRECTORY . $SL . sprintf('%d', $sequence++)

but that's purely a matter of preference.

Cheers,
Steffen

• [perl #50322] CGITempFile causes "Insecure dependency in sprintf" in perl 5.10.0 by Steve Hay
• Re: [perl #50322] CGITempFile causes "Insecure dependency in sprintf"in perl 5.10.0 by Tim Jenness
• Re: [perl #50322] CGITempFile causes "Insecure dependency in sprintf"in perl 5.10.0 by Steffen Mueller
• RE: [perl #50322] CGITempFile causes "Insecure dependency in sprintf" in perl 5.10.0 by Steve Hay
• Re: [perl #50322] CGITempFile causes "Insecure dependency in sprintf" in perl 5.10.0 by Dr.Ruud
• Re: [perl #50322] CGITempFile causes "Insecure dependency in sprintf"in perl 5.10.0 by Steffen Mueller