I'm currently writing a perl IRC bot. I've never done socket programming before, so I was wondering if any experienced socket programmers could give me some tips/things to look out for as far as security and stability goes.
Printable View
I'm currently writing a perl IRC bot. I've never done socket programming before, so I was wondering if any experienced socket programmers could give me some tips/things to look out for as far as security and stability goes.
I dont know about Perl programming, however, i would say that you might be able apply some of the same ideas that a good C programmer would apply to a well written C program.
Most importantly, is always validate the length of ANY input you may receive ANYWHERE in the program. This is most important. I dont know what perl offers in the way of controlling how much input is read, but a simple way to do it would be to read chars into a buffer inside a while loop, the test condition being number of chars read not equal to (size of buffer - 1).
Secondly, never rely on the user to provide your program with the correct input, check everything!
That is my thoughts on the matter.
Here are some other URL's that cover different aspects of secure Perl programming:
http://www.groovyweb.uklinux.net/?pa...perl%20scripts
http://www.perlcode.org/tutorials/pe...ing%20security
As i dont know perl, there is not much more i can say on the matter :(
I would love to see the end program you produce, sounds interesting, Good Luck!
Jason
Thanks for the tips...I always validate ALL inputs (Efosa-proofing (Efosa was our C++ prof. at MGC and he always found the most minute details to pick out) ), but I'll have to add some length checking...buffer overruns wouldn't be good.
The bot is on most of the time in #GAMES_D&D on irc.freenode.net. The channel is moderated, so you'll have to register a nick and let me know to change your access level so you can talk.