Posted to tcl by kbk at Sat Jun 13 15:10:46 GMT 2009view raw

  1. % proc evil {} {puts {Evil code executed!}}
  2. % set file {[evil]}
  3. [evil]
  4. % set badcmd "open $file r"
  5. open [evil] r
  6. % set goodcmd [list open $file r]
  7. open {[evil]} r
  8. % eval $badcmd
  9. Evil code executed!
  10. couldn't open "": no such file or directory
  11. % eval $goodcmd
  12. couldn't open "[evil]": no such file or directory