Re: Another small metacharacter bug in Penguin Traceroute v1.0

[Andreas Beck <becka () uni-duesseldorf de>]

Marco van Berkum <m.v.berkum () obit nl> wrote:
>    this line "$host =~ s/[;<>\*\|'&\$!?#\(\)\[\]\{\}:'"\\]//g;" under it and
> Well, yes, it does parse out some metacharacters, but, the " ` " (backtick)
> is not filtered out in any way. (probably one of the two quotes " ' " should be
> a backtick). Also the slash and the hyphen are not filtered.
>
> Second fix: replace the second quote by a backtick and add slash and hyphen
> to the filter :)

Umm - it's a traceroute-sort-of-thing - right? So why not fixing it with a 
whitelist instead of a blacklist?

Allowed domain names should be within [a-zA-z-.]* - right?
To cater for IPv6 one could add the colon (unless that poses a problem - 
I see it filtered out above ...), and be done with it.

CU, Andy

-- 
Andreas Beck             |  Email :  <becka () uni-duesseldorf de>