[{"data":1,"prerenderedAt":888},["ShallowReactive",2],{"global-navigation":3,"page-\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl00-pl":28,"surround-\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl00-pl":501,"sidebar-sei-cert-perl-coding-standard":510},[4,8],{"title":5,"path":6,"_path":6,"fromAppConfig":7},"Home","\u002F",true,{"title":9,"path":10,"children":11,"_path":27,"fromAppConfig":7},"Coding Standards","\u002Fcoding-standards\u002F",[12,15,18,21,24],{"title":13,"path":14},"Android Coding Standard","\u002Fandroid-secure-coding-standard\u002F",{"title":16,"path":17},"C Coding Standard","\u002Fsei-cert-c-coding-standard\u002F",{"title":19,"path":20},"C++ Coding Standard","\u002Fsei-cert-cpp-coding-standard\u002F",{"title":22,"path":23},"Java Coding Standard","\u002Fsei-cert-oracle-coding-standard-for-java\u002F",{"title":25,"path":26},"Perl Coding Standard","\u002Fsei-cert-perl-coding-standard\u002F","\u002Fcoding-standards",{"id":29,"title":30,"body":31,"description":41,"extension":492,"meta":493,"navigation":7,"path":497,"seo":498,"stem":499,"__hash__":500},"content\u002F7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F2.dcl00-pl.md","DCL00-PL. Do not use subroutine prototypes",{"type":32,"value":33,"toc":488},"minimark",[34,38,42,86,93,113,119,122,127,130,289,292,322,333,337,340,459,476,484],[35,36,30],"h1",{"id":37},"dcl00-pl-do-not-use-subroutine-prototypes",[39,40,41],"p",{},"Perl provides a simple mechanism for specifying subroutine argument types called prototypes. Prototypes appear to indicate the number and types of arguments that a function takes. For instance, this function appears to require two arguments, the first being a scalar, and the second being a list:",[43,44,46],"code-block",{"quality":45},"bad",[47,48,53],"pre",{"className":49,"code":50,"language":51,"meta":52,"style":52},"language-perl shiki shiki-themes github-light github-dark monokai","sub function ($@) {\n  # ... function body\n}\n","perl","",[54,55,56,73,80],"code",{"__ignoreMap":52},[57,58,61,65,69],"span",{"class":59,"line":60},"line",1,[57,62,64],{"class":63},"sq6CD","sub",[57,66,68],{"class":67},"srTi1"," function",[57,70,72],{"class":71},"sMOD_"," ($@) {\n",[57,74,76],{"class":59,"line":75},2,[57,77,79],{"class":78},"s8-w5","  # ... function body\n",[57,81,83],{"class":59,"line":82},3,[57,84,85],{"class":71},"}\n",[39,87,88,89,92],{},"However, prototypes are problematic in many ways. The biggest problem is that prototypes are not enforced by Perl's parser. That is, prototypes do not cause Perl to emit any warnings if a prototyped subroutine is invoked with arguments that violate the prototype.. Perl does not issue any warnings of prototype violations, even if the ",[54,90,91],{},"-w"," switch is used.",[39,94,95,96,99,100,107,108,112],{},"Prototypes suffer from several other problems, too. They can change function behavior, by forcing scalar context when evaluating arguments that might not be scalars, or by forcing list context when evaluating arguments that might not be lists.  A function's prototype is ignored when that function is invoked with the ",[54,97,98],{},"&"," character. Finally, according to the ",[101,102,106],"a",{"href":103,"rel":104},"http:\u002F\u002Fperldoc.perl.org\u002Fperlfunc.html",[105],"nofollow","perlfunc"," manpage [ ",[101,109,111],{"href":110},"\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-Manpages","Wall 2011"," ]:",[114,115,116],"blockquote",{},[39,117,118],{},"Method calls are not influenced by prototypes either, because the function to be called is indeterminate at compile time, since the exact code called depends on inheritance.",[39,120,121],{},"Because of these problems, subroutine prototypes must not be used when defining subroutines.",[123,124,126],"h2",{"id":125},"noncompliant-code-example","Noncompliant Code Example",[39,128,129],{},"This noncompliant code example demonstrates a function with prototypes. The function takes a string and a list and simply prints out the string along with the list elements.",[43,131,132],{"quality":45},[47,133,135],{"className":49,"code":134,"language":51,"meta":52,"style":52},"sub function ($@) {\n  my ($item, @list) = @_;\n\n  print \"item is $item\\n\";\n  my $size = $#list + 1;\n  print \"List has $size elements\\n\";\n  foreach my $element (@list) {\n    print \"list contains $element\\n\";\n  }\n}\n\nmy @elements = (\"Tom\", \"Dick\", \"Harry\");\nfunction( @elements);\n",[54,136,137,145,154,159,183,191,211,223,241,247,252,257,283],{"__ignoreMap":52},[57,138,139,141,143],{"class":59,"line":60},[57,140,64],{"class":63},[57,142,68],{"class":67},[57,144,72],{"class":71},[57,146,147,151],{"class":59,"line":75},[57,148,150],{"class":149},"sC2Qs","  my",[57,152,153],{"class":71}," ($item, @list) = @_;\n",[57,155,156],{"class":59,"line":82},[57,157,158],{"emptyLinePlaceholder":7},"\n",[57,160,162,166,170,173,177,180],{"class":59,"line":161},4,[57,163,165],{"class":164},"sTrkL","  print",[57,167,169],{"class":168},"sstjo"," \"item is ",[57,171,172],{"class":71},"$item",[57,174,176],{"class":175},"s7F3e","\\n",[57,178,179],{"class":168},"\"",[57,181,182],{"class":71},";\n",[57,184,186,188],{"class":59,"line":185},5,[57,187,150],{"class":149},[57,189,190],{"class":71}," $size = $#list + 1;\n",[57,192,194,196,199,202,205,207,209],{"class":59,"line":193},6,[57,195,165],{"class":164},[57,197,198],{"class":168}," \"List has ",[57,200,201],{"class":71},"$size",[57,203,204],{"class":168}," elements",[57,206,176],{"class":175},[57,208,179],{"class":168},[57,210,182],{"class":71},[57,212,214,217,220],{"class":59,"line":213},7,[57,215,216],{"class":149},"  foreach",[57,218,219],{"class":149}," my",[57,221,222],{"class":71}," $element (@list) {\n",[57,224,226,229,232,235,237,239],{"class":59,"line":225},8,[57,227,228],{"class":164},"    print",[57,230,231],{"class":168}," \"list contains ",[57,233,234],{"class":71},"$element",[57,236,176],{"class":175},[57,238,179],{"class":168},[57,240,182],{"class":71},[57,242,244],{"class":59,"line":243},9,[57,245,246],{"class":71},"  }\n",[57,248,250],{"class":59,"line":249},10,[57,251,85],{"class":71},[57,253,255],{"class":59,"line":254},11,[57,256,158],{"emptyLinePlaceholder":7},[57,258,260,263,266,269,272,275,277,280],{"class":59,"line":259},12,[57,261,262],{"class":149},"my",[57,264,265],{"class":71}," @elements = (",[57,267,268],{"class":168},"\"Tom\"",[57,270,271],{"class":71},", ",[57,273,274],{"class":168},"\"Dick\"",[57,276,271],{"class":71},[57,278,279],{"class":168},"\"Harry\"",[57,281,282],{"class":71},");\n",[57,284,286],{"class":59,"line":285},13,[57,287,288],{"class":71},"function( @elements);\n",[39,290,291],{},"However, this program generates the following counterintuitive output:",[47,293,297],{"className":294,"code":295,"language":296,"meta":52,"style":52},"language-java shiki shiki-themes github-light github-dark monokai","item is 3\nList has 0 elements\n","java",[54,298,299,307],{"__ignoreMap":52},[57,300,301,304],{"class":59,"line":60},[57,302,303],{"class":71},"item is ",[57,305,306],{"class":175},"3\n",[57,308,309,313,316,319],{"class":59,"line":75},[57,310,312],{"class":311},"sk8M1","List",[57,314,315],{"class":71}," has ",[57,317,318],{"class":175},"0",[57,320,321],{"class":71}," elements\n",[39,323,324,325,328,329,332],{},"The problem arises from two issues. First, Perl constructs a single argument list from its arguments, and this process includes flattening any arguments that are themselves lists. For this reason, Perl allows ",[54,326,327],{},"function()"," to be invoked with one list argument rather than two. Second, the function prototype imposes contexts on the arguments it gets: a single scalar context for the first variable and a list context from the second variable. These contexts are invoked on the arguments actually provided rather than on the argument list. In this case, the scalar context is applied to the ",[54,330,331],{},"@elements"," list, which yields 3, the number of elements in the list. Then the list context is applied to no argument, since only one argument was specified, and it produces an empty list (with 0 elements).",[123,334,336],{"id":335},"compliant-solution","Compliant Solution",[39,338,339],{},"This compliant solution omits the prototype:",[43,341,343],{"quality":342},"good",[47,344,346],{"className":49,"code":345,"language":51,"meta":52,"style":52},"sub function {\n  my ($item, @list) = @_;\n\n  print \"item is $item\\n\";\n  my $size = $#list + 1;\n  print \"List has $size elements\\n\";\n  foreach my $element (@list) {\n    print \"list contains $element\\n\";\n  }\n}\n\nmy @elements = (\"Tom\", \"Dick\", \"Harry\");\nfunction( @elements);\n",[54,347,348,357,363,367,381,387,403,411,425,429,433,437,455],{"__ignoreMap":52},[57,349,350,352,354],{"class":59,"line":60},[57,351,64],{"class":63},[57,353,68],{"class":67},[57,355,356],{"class":71}," {\n",[57,358,359,361],{"class":59,"line":75},[57,360,150],{"class":149},[57,362,153],{"class":71},[57,364,365],{"class":59,"line":82},[57,366,158],{"emptyLinePlaceholder":7},[57,368,369,371,373,375,377,379],{"class":59,"line":161},[57,370,165],{"class":164},[57,372,169],{"class":168},[57,374,172],{"class":71},[57,376,176],{"class":175},[57,378,179],{"class":168},[57,380,182],{"class":71},[57,382,383,385],{"class":59,"line":185},[57,384,150],{"class":149},[57,386,190],{"class":71},[57,388,389,391,393,395,397,399,401],{"class":59,"line":193},[57,390,165],{"class":164},[57,392,198],{"class":168},[57,394,201],{"class":71},[57,396,204],{"class":168},[57,398,176],{"class":175},[57,400,179],{"class":168},[57,402,182],{"class":71},[57,404,405,407,409],{"class":59,"line":213},[57,406,216],{"class":149},[57,408,219],{"class":149},[57,410,222],{"class":71},[57,412,413,415,417,419,421,423],{"class":59,"line":225},[57,414,228],{"class":164},[57,416,231],{"class":168},[57,418,234],{"class":71},[57,420,176],{"class":175},[57,422,179],{"class":168},[57,424,182],{"class":71},[57,426,427],{"class":59,"line":243},[57,428,246],{"class":71},[57,430,431],{"class":59,"line":249},[57,432,85],{"class":71},[57,434,435],{"class":59,"line":254},[57,436,158],{"emptyLinePlaceholder":7},[57,438,439,441,443,445,447,449,451,453],{"class":59,"line":259},[57,440,262],{"class":149},[57,442,265],{"class":71},[57,444,268],{"class":168},[57,446,271],{"class":71},[57,448,274],{"class":168},[57,450,271],{"class":71},[57,452,279],{"class":168},[57,454,282],{"class":71},[57,456,457],{"class":59,"line":285},[57,458,288],{"class":71},[39,460,461,462,464,465,467,468,471,472,475],{},"With no prototype, the first element in the list ",[54,463,268],{}," is assigned to ",[54,466,172],{}," , and the ",[54,469,470],{},"$list"," gets the remaining elements: ",[54,473,474],{},"  (\"Dick\", \"Harry\") ",".``` java\nitem is Tom\nList has 2 elements\nlist contains Dick\nlist contains Harry",[47,477,482],{"className":478,"code":480,"language":481},[479],"language-text","\n## Risk Assessment\n\nSubroutine prototypes do not provide compile-time type safety and can cause surprising program behavior.\n\n|                |          |            |                  |          |       |\n|----------------|----------|------------|------------------|----------|-------|\n| Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |\n| DCL00-PL       | Low      | Likely     | Low              | P9       | L2    |\n\n## Automated Detection\n\n|                                                                                                                                  |                                           |\n|----------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------|\n| Tool                                                                                                                             | Diagnostic                                |\n| Perl::Critic                                                                                                                     | Subroutines::ProhibitSubroutinePrototypes |\n| [Security Reviewer - Static Reviewer](\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fsecurity-reviewer-static-reviewer) | **PERL_D105**                             |\n\n## Bibliography\n\n|                                                                                                          |                                                                                                                                                                                                                                                  |\n|----------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| \\[ [Conway 2005](\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-Conway05) \\] | \"Prototypes,\" p. 194                                                                                                                                                                                                                             |\n| \\[ [CPAN](\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-CPAN) \\]            | [Elliot Shank, Perl-Critic-1.116](http:\u002F\u002Fsearch.cpan.org\u002F%7Eelliotjs\u002FPerl-Critic-1.116\u002F) [Subroutines::ProhibitSubroutinePrototypes](http:\u002F\u002Fsearch.cpan.org\u002Fdist\u002FPerl-Critic\u002Flib\u002FPerl\u002FCritic\u002FPolicy\u002FSubroutines\u002FProhibitSubroutinePrototypes.pm) |\n| \\[ [Wall 2011](\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-Manpages) \\]   | [perlsub](http:\u002F\u002Fperldoc.perl.org\u002Fperlsub.html)                                                                                                                                                                                                  |\n\n  \n\n  \n\n------------------------------------------------------------------------\n\n\u003Ca href=\"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002F\">\u003Cimg src=\"\u002Fattachments\u002F88890562\u002F88892207.png\" \u002F>\u003C\u002Fa> \u003Ca href=\"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002F\">\u003Cimg src=\"\u002Fattachments\u002F88890562\u002F88892209.png\" \u002F>\u003C\u002Fa> \u003Ca href=\"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl01-pl\">\u003Cimg src=\"\u002Fattachments\u002F88890562\u002F88892208.png\" \u002F>\u003C\u002Fa>\n","text",[54,483,480],{"__ignoreMap":52},[485,486,487],"style",{},"html pre.shiki code .sq6CD, html code.shiki .sq6CD{--shiki-default:#D73A49;--shiki-default-font-style:inherit;--shiki-dark:#F97583;--shiki-dark-font-style:inherit;--shiki-sepia:#66D9EF;--shiki-sepia-font-style:italic}html pre.shiki code .srTi1, html code.shiki .srTi1{--shiki-default:#6F42C1;--shiki-dark:#B392F0;--shiki-sepia:#A6E22E}html pre.shiki code .sMOD_, html code.shiki .sMOD_{--shiki-default:#24292E;--shiki-dark:#E1E4E8;--shiki-sepia:#F8F8F2}html pre.shiki code .s8-w5, html code.shiki .s8-w5{--shiki-default:#6A737D;--shiki-dark:#6A737D;--shiki-sepia:#88846F}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html .sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html.sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html pre.shiki code .sC2Qs, html code.shiki .sC2Qs{--shiki-default:#D73A49;--shiki-dark:#F97583;--shiki-sepia:#F92672}html pre.shiki code .sTrkL, html code.shiki .sTrkL{--shiki-default:#005CC5;--shiki-dark:#79B8FF;--shiki-sepia:#66D9EF}html pre.shiki code .sstjo, html code.shiki .sstjo{--shiki-default:#032F62;--shiki-dark:#9ECBFF;--shiki-sepia:#E6DB74}html pre.shiki code .s7F3e, html code.shiki .s7F3e{--shiki-default:#005CC5;--shiki-dark:#79B8FF;--shiki-sepia:#AE81FF}html pre.shiki code .sk8M1, html code.shiki .sk8M1{--shiki-default:#24292E;--shiki-default-font-style:inherit;--shiki-dark:#E1E4E8;--shiki-dark-font-style:inherit;--shiki-sepia:#66D9EF;--shiki-sepia-font-style:italic}",{"title":52,"searchDepth":75,"depth":75,"links":489},[490,491],{"id":125,"depth":75,"text":126},{"id":335,"depth":75,"text":336},"md",{"tags":494},[495,496],"dcl","recommendation","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl00-pl",{"title":30,"description":41},"7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F2.dcl00-pl","4uOu7gwlEwgUWO3aG5c4hDSKlEpQXGoXRzEW_SeGNYY",[502,506],{"title":503,"path":504,"stem":505,"children":-1},"Declarations and Initialization (DCL)","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F1.index",{"title":507,"path":508,"stem":509,"children":-1},"DCL01-PL. Do not reuse variable names in subscopes","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F3.dcl01-pl",[511],{"title":512,"path":513,"stem":514,"children":515},"SEI CERT Perl Coding Standard","\u002Fsei-cert-perl-coding-standard","7.sei-cert-perl-coding-standard\u002F1.index",[516,517,573,704,844],{"title":512,"path":513,"stem":514},{"title":518,"path":519,"stem":520,"children":521},"Front Matter","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F1.index",[522,523,527],{"title":518,"path":519,"stem":520},{"title":524,"path":525,"stem":526},"Deprecations","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fdeprecations","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F2.deprecations",{"title":528,"path":529,"stem":530,"children":531},"Introduction","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F01.index",[532,533,537,541,545,549,553,557,561,565,569],{"title":528,"path":529,"stem":530},{"title":534,"path":535,"stem":536},"Scope","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fscope","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F01.scope",{"title":538,"path":539,"stem":540},"Tool Selection and Validation","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Ftool-selection-and-validation","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F02.tool-selection-and-validation",{"title":542,"path":543,"stem":544},"Rules versus Recommendations","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Frules-versus-recommendations","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F03.rules-versus-recommendations",{"title":546,"path":547,"stem":548},"Development Process","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fdevelopment-process","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F04.development-process",{"title":550,"path":551,"stem":552},"Usage","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fusage","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F05.usage",{"title":554,"path":555,"stem":556},"System Qualities","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fsystem-qualities","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F06.system-qualities",{"title":558,"path":559,"stem":560},"Risk Assessment","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Frisk-assessment","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F07.risk-assessment",{"title":562,"path":563,"stem":564},"Source Code Validation","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fsource-code-validation","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F08.source-code-validation",{"title":566,"path":567,"stem":568},"Automatically Generated Code","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fautomatically-generated-code","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F09.automatically-generated-code",{"title":570,"path":571,"stem":572},"Acknowledgements","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Facknowledgements","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F11.acknowledgements",{"title":574,"path":575,"stem":576,"children":577},"Rules","\u002Fsei-cert-perl-coding-standard\u002Frules","7.sei-cert-perl-coding-standard\u002F3.rules\u002F1.index",[578,579,596,622,632,662,666,680,690],{"title":574,"path":575,"stem":576},{"title":503,"path":580,"stem":581,"children":582},"\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F1.index",[583,584,588,592],{"title":503,"path":580,"stem":581},{"title":585,"path":586,"stem":587},"DCL30-PL. Do not import deprecated modules","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F2.dcl30-pl",{"title":589,"path":590,"stem":591},"DCL31-PL. Do not overload reserved keywords or subroutines","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F3.dcl31-pl",{"title":593,"path":594,"stem":595},"DCL33-PL. Declare identifiers before using them","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl33-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F4.dcl33-pl",{"title":597,"path":598,"stem":599,"children":600},"Expressions (EXP)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F1.index",[601,602,606,610,614,618],{"title":597,"path":598,"stem":599},{"title":603,"path":604,"stem":605},"EXP30-PL. Do not use deprecated or obsolete functions or modules","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F2.exp30-pl",{"title":607,"path":608,"stem":609},"EXP31-PL. Do not suppress or ignore exceptions","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F3.exp31-pl",{"title":611,"path":612,"stem":613},"EXP32-PL. Do not ignore function return values","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F4.exp32-pl",{"title":615,"path":616,"stem":617},"EXP33-PL. Do not invoke a function in a context for which it is not defined","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp33-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F5.exp33-pl",{"title":619,"path":620,"stem":621},"EXP35-PL. Use the correct operator type for comparing values","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp35-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F6.exp35-pl",{"title":623,"path":624,"stem":625,"children":626},"File Input and Output (FIO)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Ffile-input-and-output-fio","7.sei-cert-perl-coding-standard\u002F3.rules\u002F4.file-input-and-output-fio\u002F1.index",[627,628],{"title":623,"path":624,"stem":625},{"title":629,"path":630,"stem":631},"FIO30-PL. Use compatible character encodings when performing network or file I\u002FO","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Ffile-input-and-output-fio\u002Ffio30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F4.file-input-and-output-fio\u002F2.fio30-pl",{"title":633,"path":634,"stem":635,"children":636},"Input Validation and Data Sanitization (IDS)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F1.index",[637,638,642,646,650,654,658],{"title":633,"path":634,"stem":635},{"title":639,"path":640,"stem":641},"IDS30-PL. Exclude user input from format strings","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F2.ids30-pl",{"title":643,"path":644,"stem":645},"IDS31-PL. Do not use the two-argument form of open()","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F3.ids31-pl",{"title":647,"path":648,"stem":649},"IDS32-PL. Validate any integer that is used as an array index","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F4.ids32-pl",{"title":651,"path":652,"stem":653},"IDS33-PL. Sanitize untrusted data passed across a trust boundary","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids33-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F5.ids33-pl",{"title":655,"path":656,"stem":657},"IDS34-PL. Do not pass untrusted, unsanitized data to a command interpreter","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids34-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F6.ids34-pl",{"title":659,"path":660,"stem":661},"IDS35-PL. Do not invoke the eval form with a string argument","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids35-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F7.ids35-pl",{"title":663,"path":664,"stem":665},"Integers (INT)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fintegers-int","7.sei-cert-perl-coding-standard\u002F3.rules\u002F6.integers-int",{"title":667,"path":668,"stem":669,"children":670},"Miscellaneous (MSC)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fmiscellaneous-msc","7.sei-cert-perl-coding-standard\u002F3.rules\u002F7.miscellaneous-msc\u002F1.index",[671,672,676],{"title":667,"path":668,"stem":669},{"title":673,"path":674,"stem":675},"MSC31-PL. Do not embed global statements","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F7.miscellaneous-msc\u002F2.msc31-pl",{"title":677,"path":678,"stem":679},"MSC32-PL. Do not provide a module's version value from outside the module","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F7.miscellaneous-msc\u002F3.msc32-pl",{"title":681,"path":682,"stem":683,"children":684},"Object-Oriented Programming (OOP)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fobject-oriented-programming-oop","7.sei-cert-perl-coding-standard\u002F3.rules\u002F8.object-oriented-programming-oop\u002F1.index",[685,686],{"title":681,"path":682,"stem":683},{"title":687,"path":688,"stem":689},"OOP32-PL. Prohibit indirect object call syntax","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fobject-oriented-programming-oop\u002Foop32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F8.object-oriented-programming-oop\u002F2.oop32-pl",{"title":691,"path":692,"stem":693,"children":694},"Strings (STR)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str","7.sei-cert-perl-coding-standard\u002F3.rules\u002F9.strings-str\u002F1.index",[695,696,700],{"title":691,"path":692,"stem":693},{"title":697,"path":698,"stem":699},"STR30-PL. Capture variables should be read only immediately after a successful regex match","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str\u002Fstr30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F9.strings-str\u002F2.str30-pl",{"title":701,"path":702,"stem":703},"STR31-PL. Do not pass string literals to functions expecting regexes","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str\u002Fstr31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F9.strings-str\u002F3.str31-pl",{"title":705,"path":706,"stem":707,"children":708},"Recommendations","\u002Fsei-cert-perl-coding-standard\u002Frecommendations","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F1.index",[709,710,731,764,777,790,803,828,841],{"title":705,"path":706,"stem":707},{"title":503,"path":504,"stem":505,"children":711},[712,713,714,715,719,723,727],{"title":503,"path":504,"stem":505},{"title":30,"path":497,"stem":499},{"title":507,"path":508,"stem":509},{"title":716,"path":717,"stem":718},"DCL02-PL. Any modified punctuation variable should be declared local","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl02-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F4.dcl02-pl",{"title":720,"path":721,"stem":722},"DCL03-PL. Do not read a foreach iterator variable after the loop has completed","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl03-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F5.dcl03-pl",{"title":724,"path":725,"stem":726},"DCL04-PL. Always initialize local variables","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl04-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F6.dcl04-pl",{"title":728,"path":729,"stem":730},"DCL05-PL. Prohibit Perl4 package names","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl05-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F7.dcl05-pl",{"title":597,"path":732,"stem":733,"children":734},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F1.index",[735,736,740,744,748,752,756,760],{"title":597,"path":732,"stem":733},{"title":737,"path":738,"stem":739},"EXP00-PL. Do not return undef","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F2.exp00-pl",{"title":741,"path":742,"stem":743},"EXP01-PL. Do not depend on the return value of functions that lack a return statement","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F3.exp01-pl",{"title":745,"path":746,"stem":747},"EXP03-PL. Do not diminish the benefits of constants by assuming their values in expressions","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp03-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F4.exp03-pl",{"title":749,"path":750,"stem":751},"EXP04-PL. Do not mix the early-precedence logical operators with late-precedence logical operators","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp04-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F5.exp04-pl",{"title":753,"path":754,"stem":755},"EXP06-PL. Do not use an array in an implicit scalar context","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp06-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F6.exp06-pl",{"title":757,"path":758,"stem":759},"EXP07-PL. Do not modify $_ in list or sorting functions","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp07-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F7.exp07-pl",{"title":761,"path":762,"stem":763},"EXP08-PL. Do not use the one-argument form of select()","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp08-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F8.exp08-pl",{"title":623,"path":765,"stem":766,"children":767},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F4.file-input-and-output-fio\u002F1.index",[768,769,773],{"title":623,"path":765,"stem":766},{"title":770,"path":771,"stem":772},"FIO00-PL. Do not use bareword file handles","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio\u002Ffio00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F4.file-input-and-output-fio\u002F2.fio00-pl",{"title":774,"path":775,"stem":776},"FIO01-PL. Do not operate on files that can be modified by untrusted users","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio\u002Ffio01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F4.file-input-and-output-fio\u002F3.fio01-pl",{"title":633,"path":778,"stem":779,"children":780},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F5.input-validation-and-data-sanitization-ids\u002F1.index",[781,782,786],{"title":633,"path":778,"stem":779},{"title":783,"path":784,"stem":785},"IDS00-PL. Canonicalize path names before validating them","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F5.input-validation-and-data-sanitization-ids\u002F2.ids00-pl",{"title":787,"path":788,"stem":789},"IDS01-PL. Use taint mode while being aware of its limitations","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F5.input-validation-and-data-sanitization-ids\u002F3.ids01-pl",{"title":663,"path":791,"stem":792,"children":793},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fintegers-int","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F6.integers-int\u002F1.index",[794,795,799],{"title":663,"path":791,"stem":792},{"title":796,"path":797,"stem":798},"INT00-PL. Do not prepend leading zeroes to integer literals","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F6.integers-int\u002F2.int00-pl",{"title":800,"path":801,"stem":802},"INT01-PL. Use small integers when precise computation is required","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F6.integers-int\u002F3.int01-pl",{"title":667,"path":804,"stem":805,"children":806},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F1.index",[807,808,812,816,820,824],{"title":667,"path":804,"stem":805},{"title":809,"path":810,"stem":811},"MSC00-PL. Detect and remove dead code","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F2.msc00-pl",{"title":813,"path":814,"stem":815},"MSC01-PL. Detect and remove unused variables","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F3.msc01-pl",{"title":817,"path":818,"stem":819},"MSC02-PL. Run programs with full warnings and strict checking","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc02-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F4.msc02-pl",{"title":821,"path":822,"stem":823},"MSC03-PL. Do not use select() to sleep","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc03-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F5.msc03-pl",{"title":825,"path":826,"stem":827},"MSC04-PL. Do not use comma to separate statements","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc04-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F6.msc04-pl",{"title":681,"path":829,"stem":830,"children":831},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fobject-oriented-programming-oop","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F8.object-oriented-programming-oop\u002F1.index",[832,833,837],{"title":681,"path":829,"stem":830},{"title":834,"path":835,"stem":836},"OOP00-PL. Do not signify inheritence at runtime","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fobject-oriented-programming-oop\u002Foop00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F8.object-oriented-programming-oop\u002F2.oop00-pl",{"title":838,"path":839,"stem":840},"OOP01-PL. Do not access private variables or subroutines in other packages","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fobject-oriented-programming-oop\u002Foop01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F8.object-oriented-programming-oop\u002F3.oop01-pl",{"title":691,"path":842,"stem":843},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fstrings-str","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F9.strings-str",{"title":845,"path":846,"stem":847,"children":848},"Back Matter","\u002Fsei-cert-perl-coding-standard\u002Fback-matter","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F1.index",[849,850,854,884],{"title":845,"path":846,"stem":847},{"title":851,"path":852,"stem":853},"AA. Bibliography","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F2.aa-bibliography",{"title":855,"path":856,"stem":857,"children":858},"BB. Analyzers","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F1.index",[859,860,864,868,872,876,880],{"title":855,"path":856,"stem":857},{"title":861,"path":862,"stem":863},"Critic","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fcritic","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F2.critic",{"title":865,"path":866,"stem":867},"Critic_V","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fcritic_v","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F3.critic_v",{"title":869,"path":870,"stem":871},"Lint","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Flint","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F4.lint",{"title":873,"path":874,"stem":875},"Lint_V","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Flint_v","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F5.lint_v",{"title":877,"path":878,"stem":879},"Security Reviewer - Static Reviewer","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fsecurity-reviewer-static-reviewer","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F6.security-reviewer-static-reviewer",{"title":881,"path":882,"stem":883},"Security Reviewer - Static Reviewer_V","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fsecurity-reviewer-static-reviewer_v","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F7.security-reviewer-static-reviewer_v",{"title":885,"path":886,"stem":887},"CC. Risk Assessments","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fcc-risk-assessments","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F4.cc-risk-assessments",1775657794537]