[{"data":1,"prerenderedAt":939},["ShallowReactive",2],{"global-navigation":3,"page-\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp01-pl":28,"surround-\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp01-pl":555,"sidebar-sei-cert-perl-coding-standard":562},[4,8],{"title":5,"path":6,"_path":6,"fromAppConfig":7},"Home","\u002F",true,{"title":9,"path":10,"children":11,"_path":27,"fromAppConfig":7},"Coding Standards","\u002Fcoding-standards\u002F",[12,15,18,21,24],{"title":13,"path":14},"Android Coding Standard","\u002Fandroid-secure-coding-standard\u002F",{"title":16,"path":17},"C Coding Standard","\u002Fsei-cert-c-coding-standard\u002F",{"title":19,"path":20},"C++ Coding Standard","\u002Fsei-cert-cpp-coding-standard\u002F",{"title":22,"path":23},"Java Coding Standard","\u002Fsei-cert-oracle-coding-standard-for-java\u002F",{"title":25,"path":26},"Perl Coding Standard","\u002Fsei-cert-perl-coding-standard\u002F","\u002Fcoding-standards",{"id":29,"title":30,"body":31,"description":41,"extension":546,"meta":547,"navigation":7,"path":551,"seo":552,"stem":553,"__hash__":554},"content\u002F7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F3.exp01-pl.md","EXP01-PL. Do not depend on the return value of functions that lack a return statement",{"type":32,"value":33,"toc":538},"minimark",[34,38,42,45,98,103,106,217,227,247,260,264,271,343,347,354,358,361,427,431,459,463,510,513,534],[35,36,30],"h1",{"id":37},"exp01-pl-do-not-depend-on-the-return-value-of-functions-that-lack-a-return-statement",[39,40,41],"p",{},"All Perl subroutines may be used in an expression as if they returned a value, but Perl subroutines are not required to have an explicit return statement. If control exits a subroutine by some means other than an explicit return statement, then the value actually returned is the last value computed within the subroutine. This behavior is never intended by the developer (else she would have added a return statement) and may potentially be information that is private to the subroutine.",[39,43,44],{},"Consequently, all subroutines must have an explicit return statement, even if it returns no useful value. Legacy code may, in lieu of an explicit return statement, use a trivial statement that at least computes an explicit value, such as the following:",[46,47,49],"code-block",{"quality":48},"good",[50,51,56],"pre",{"className":52,"code":53,"language":54,"meta":55,"style":55},"language-perl shiki shiki-themes github-light github-dark monokai","sub subroutine {\n  # ... do stuff\n  1;   # always returns 1\n}\n","perl","",[57,58,59,76,83,92],"code",{"__ignoreMap":55},[60,61,64,68,72],"span",{"class":62,"line":63},"line",1,[60,65,67],{"class":66},"sq6CD","sub",[60,69,71],{"class":70},"srTi1"," subroutine",[60,73,75],{"class":74},"sMOD_"," {\n",[60,77,79],{"class":62,"line":78},2,[60,80,82],{"class":81},"s8-w5","  # ... do stuff\n",[60,84,86,89],{"class":62,"line":85},3,[60,87,88],{"class":74},"  1;   ",[60,90,91],{"class":81},"# always returns 1\n",[60,93,95],{"class":62,"line":94},4,[60,96,97],{"class":74},"}\n",[99,100,102],"h2",{"id":101},"noncompliant-code-example","Noncompliant Code Example",[39,104,105],{},"This noncompliant code example uses a hypothetical banking system to deposit some money.",[46,107,109],{"quality":108},"bad",[50,110,112],{"className":52,"code":111,"language":54,"meta":55,"style":55},"package Bank;\n\n# ...\nsub deposit {\n  my ($amount, $account, $pin) = @_;\n  my $good_pin = _get_pin( $account);\n  if ($pin == $good_pin) {\n    my $balance = _get_balance( $account);\n    _set_balance( $account, $amount + $balance);\n  } else {\n    my $failed = $good_pin;\n  }\n}\n",[57,113,114,127,132,137,146,155,163,172,181,187,198,206,212],{"__ignoreMap":55},[60,115,116,120,124],{"class":62,"line":63},[60,117,119],{"class":118},"sC2Qs","package",[60,121,123],{"class":122},"sz2Vg"," Bank",[60,125,126],{"class":74},";\n",[60,128,129],{"class":62,"line":78},[60,130,131],{"emptyLinePlaceholder":7},"\n",[60,133,134],{"class":62,"line":85},[60,135,136],{"class":81},"# ...\n",[60,138,139,141,144],{"class":62,"line":94},[60,140,67],{"class":66},[60,142,143],{"class":70}," deposit",[60,145,75],{"class":74},[60,147,149,152],{"class":62,"line":148},5,[60,150,151],{"class":118},"  my",[60,153,154],{"class":74}," ($amount, $account, $pin) = @_;\n",[60,156,158,160],{"class":62,"line":157},6,[60,159,151],{"class":118},[60,161,162],{"class":74}," $good_pin = _get_pin( $account);\n",[60,164,166,169],{"class":62,"line":165},7,[60,167,168],{"class":118},"  if",[60,170,171],{"class":74}," ($pin == $good_pin) {\n",[60,173,175,178],{"class":62,"line":174},8,[60,176,177],{"class":118},"    my",[60,179,180],{"class":74}," $balance = _get_balance( $account);\n",[60,182,184],{"class":62,"line":183},9,[60,185,186],{"class":74},"    _set_balance( $account, $amount + $balance);\n",[60,188,190,193,196],{"class":62,"line":189},10,[60,191,192],{"class":74},"  } ",[60,194,195],{"class":118},"else",[60,197,75],{"class":74},[60,199,201,203],{"class":62,"line":200},11,[60,202,177],{"class":118},[60,204,205],{"class":74}," $failed = $good_pin;\n",[60,207,209],{"class":62,"line":208},12,[60,210,211],{"class":74},"  }\n",[60,213,215],{"class":62,"line":214},13,[60,216,97],{"class":74},[39,218,219,220,223,224,226],{},"The ",[57,221,222],{},"deposit()"," function does not explicitly return any value. Consequently, if any code invokes the ",[57,225,222],{}," routine and does something with the return value, what value does it actually receive?",[39,228,229,230,232,233,236,237,240,241,243,244,246],{},"The answer is, the last value actually computed within the ",[57,231,222],{}," routine will be used as the return value. But to determine the last computed value, you have to do some control flow analysis. For this routine, if a valid ",[57,234,235],{},"$pin"," is supplied, then the last value computed is the return value of ",[57,238,239],{},"_set_balance()"," , so invoking ",[57,242,222],{}," with a valid PIN yields the result of the private ",[57,245,239],{}," routine, which may be sensitive.",[39,248,249,250,252,253,256,257,259],{},"On the other hand, if an invalid ",[57,251,235],{}," is supplied, the last value computed is ",[57,254,255],{},"$good_pin"," . So if ",[57,258,222],{}," is invoked with an invalid PIN, it actually returns the correct PIN!",[99,261,263],{"id":262},"compliant-solution","Compliant Solution",[39,265,266,267,270],{},"This compliant solution adds a trivial return statement to the function. Now the function always returns ",[57,268,269],{},"undef"," rather than any sensitive information.",[46,272,273],{"quality":48},[50,274,276],{"className":52,"code":275,"language":54,"meta":55,"style":55},"sub deposit {\n  my ($amount, $account, $pin) = @_;\n  my $good_pin = _get_pin( $account);\n  if ($pin == $good_pin) {\n    my $balance = _get_balance( $account);\n    _set_balance( $account, $amount + $balance);\n  } else {\n    my $failed = $good_pin;\n  }\n  return;\n}\n",[57,277,278,286,292,298,304,310,314,322,328,332,339],{"__ignoreMap":55},[60,279,280,282,284],{"class":62,"line":63},[60,281,67],{"class":66},[60,283,143],{"class":70},[60,285,75],{"class":74},[60,287,288,290],{"class":62,"line":78},[60,289,151],{"class":118},[60,291,154],{"class":74},[60,293,294,296],{"class":62,"line":85},[60,295,151],{"class":118},[60,297,162],{"class":74},[60,299,300,302],{"class":62,"line":94},[60,301,168],{"class":118},[60,303,171],{"class":74},[60,305,306,308],{"class":62,"line":148},[60,307,177],{"class":118},[60,309,180],{"class":74},[60,311,312],{"class":62,"line":157},[60,313,186],{"class":74},[60,315,316,318,320],{"class":62,"line":165},[60,317,192],{"class":74},[60,319,195],{"class":118},[60,321,75],{"class":74},[60,323,324,326],{"class":62,"line":174},[60,325,177],{"class":118},[60,327,205],{"class":74},[60,329,330],{"class":62,"line":183},[60,331,211],{"class":74},[60,333,334,337],{"class":62,"line":189},[60,335,336],{"class":118},"  return",[60,338,126],{"class":74},[60,340,341],{"class":62,"line":200},[60,342,97],{"class":74},[99,344,346],{"id":345},"exceptions","Exceptions",[39,348,349,353],{},[350,351,352],"strong",{},"EXP01:EX1"," : A function need not have an explicit return value if it is only used in a program that never requests its return value.",[99,355,357],{"id":356},"risk-assessment","Risk Assessment",[39,359,360],{},"An attempt to read the return value of a function that did not return any value can cause data encapsulated by the function to leak.",[362,363,364,383],"table",{},[365,366,367],"thead",{},[368,369,370,373,375,377,379,381],"tr",{},[371,372],"th",{},[371,374],{},[371,376],{},[371,378],{},[371,380],{},[371,382],{},[384,385,386,407],"tbody",{},[368,387,388,392,395,398,401,404],{},[389,390,391],"td",{},"Recommendation",[389,393,394],{},"Severity",[389,396,397],{},"Likelihood",[389,399,400],{},"Remediation Cost",[389,402,403],{},"Priority",[389,405,406],{},"Level",[368,408,409,412,415,418,421,424],{},[389,410,411],{},"EXP01-PL",[389,413,414],{},"Medium",[389,416,417],{},"Likely",[389,419,420],{},"Low",[389,422,423],{},"P18",[389,425,426],{},"L1",[99,428,430],{"id":429},"automated-detection","Automated Detection",[362,432,433,441],{},[365,434,435],{},[368,436,437,439],{},[371,438],{},[371,440],{},[384,442,443,451],{},[368,444,445,448],{},[389,446,447],{},"Tool",[389,449,450],{},"Diagnostic",[368,452,453,456],{},[389,454,455],{},"Perl::Critic",[389,457,458],{},"Subroutines::RequireFinalReturn",[99,460,462],{"id":461},"bibliography","Bibliography",[362,464,465,473],{},[365,466,467],{},[368,468,469,471],{},[371,470],{},[371,472],{},[384,474,475,489],{},[368,476,477,486],{},[389,478,479,480,485],{},"[ ",[481,482,484],"a",{"href":483},"\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-Conway05","Conway 2005"," ]",[389,487,488],{},"\"Implicit Returns,\" p. 197",[368,490,491,497],{},[389,492,479,493,485],{},[481,494,496],{"href":495},"\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-CPAN","CPAN",[389,498,499,505,506],{},[481,500,504],{"href":501,"rel":502},"http:\u002F\u002Fsearch.cpan.org\u002F%7Eelliotjs\u002FPerl-Critic-1.116\u002F",[503],"nofollow","Elliot Shank, Perl-Critic-1.116"," ",[481,507,458],{"href":508,"rel":509},"http:\u002F\u002Fsearch.cpan.org\u002Fdist\u002FPerl-Critic\u002Flib\u002FPerl\u002FCritic\u002FPolicy\u002FSubroutines\u002FRequireFinalReturn.pm",[503],[511,512],"hr",{},[39,514,515,505,522,505,528],{},[481,516,518],{"href":517},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp00-pl",[519,520],"img",{"src":521},"\u002Fattachments\u002F88890562\u002F88892207.png",[481,523,525],{"href":524},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002F",[519,526],{"src":527},"\u002Fattachments\u002F88890562\u002F88892209.png",[481,529,531],{"href":530},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp03-pl",[519,532],{"src":533},"\u002Fattachments\u002F88890562\u002F88892208.png",[535,536,537],"style",{},"html pre.shiki code .sq6CD, html code.shiki .sq6CD{--shiki-default:#D73A49;--shiki-default-font-style:inherit;--shiki-dark:#F97583;--shiki-dark-font-style:inherit;--shiki-sepia:#66D9EF;--shiki-sepia-font-style:italic}html pre.shiki code .srTi1, html code.shiki .srTi1{--shiki-default:#6F42C1;--shiki-dark:#B392F0;--shiki-sepia:#A6E22E}html pre.shiki code .sMOD_, html code.shiki .sMOD_{--shiki-default:#24292E;--shiki-dark:#E1E4E8;--shiki-sepia:#F8F8F2}html pre.shiki code .s8-w5, html code.shiki .s8-w5{--shiki-default:#6A737D;--shiki-dark:#6A737D;--shiki-sepia:#88846F}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html .sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html.sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html pre.shiki code .sC2Qs, html code.shiki .sC2Qs{--shiki-default:#D73A49;--shiki-dark:#F97583;--shiki-sepia:#F92672}html pre.shiki code .sz2Vg, html code.shiki .sz2Vg{--shiki-default:#6F42C1;--shiki-default-text-decoration:inherit;--shiki-dark:#B392F0;--shiki-dark-text-decoration:inherit;--shiki-sepia:#A6E22E;--shiki-sepia-text-decoration:underline}",{"title":55,"searchDepth":78,"depth":78,"links":539},[540,541,542,543,544,545],{"id":101,"depth":78,"text":102},{"id":262,"depth":78,"text":263},{"id":345,"depth":78,"text":346},{"id":356,"depth":78,"text":357},{"id":429,"depth":78,"text":430},{"id":461,"depth":78,"text":462},"md",{"tags":548},[549,550],"recommendation","exp","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp01-pl",{"title":30,"description":41},"7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F3.exp01-pl","VCjsrLfg-1dGciSyCtFCl19v8pWZri2JsHqR_IJygiw",[556,559],{"title":557,"path":517,"stem":558,"children":-1},"EXP00-PL. Do not return undef","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F2.exp00-pl",{"title":560,"path":530,"stem":561,"children":-1},"EXP03-PL. Do not diminish the benefits of constants by assuming their values in expressions","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F4.exp03-pl",[563],{"title":564,"path":565,"stem":566,"children":567},"SEI CERT Perl Coding Standard","\u002Fsei-cert-perl-coding-standard","7.sei-cert-perl-coding-standard\u002F1.index",[568,569,624,756,895],{"title":564,"path":565,"stem":566},{"title":570,"path":571,"stem":572,"children":573},"Front Matter","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F1.index",[574,575,579],{"title":570,"path":571,"stem":572},{"title":576,"path":577,"stem":578},"Deprecations","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fdeprecations","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F2.deprecations",{"title":580,"path":581,"stem":582,"children":583},"Introduction","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F01.index",[584,585,589,593,597,601,605,609,612,616,620],{"title":580,"path":581,"stem":582},{"title":586,"path":587,"stem":588},"Scope","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fscope","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F01.scope",{"title":590,"path":591,"stem":592},"Tool Selection and Validation","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Ftool-selection-and-validation","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F02.tool-selection-and-validation",{"title":594,"path":595,"stem":596},"Rules versus Recommendations","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Frules-versus-recommendations","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F03.rules-versus-recommendations",{"title":598,"path":599,"stem":600},"Development Process","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fdevelopment-process","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F04.development-process",{"title":602,"path":603,"stem":604},"Usage","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fusage","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F05.usage",{"title":606,"path":607,"stem":608},"System Qualities","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fsystem-qualities","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F06.system-qualities",{"title":357,"path":610,"stem":611},"\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Frisk-assessment","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F07.risk-assessment",{"title":613,"path":614,"stem":615},"Source Code Validation","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fsource-code-validation","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F08.source-code-validation",{"title":617,"path":618,"stem":619},"Automatically Generated Code","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fautomatically-generated-code","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F09.automatically-generated-code",{"title":621,"path":622,"stem":623},"Acknowledgements","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Facknowledgements","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F11.acknowledgements",{"title":625,"path":626,"stem":627,"children":628},"Rules","\u002Fsei-cert-perl-coding-standard\u002Frules","7.sei-cert-perl-coding-standard\u002F3.rules\u002F1.index",[629,630,648,674,684,714,718,732,742],{"title":625,"path":626,"stem":627},{"title":631,"path":632,"stem":633,"children":634},"Declarations and Initialization (DCL)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F1.index",[635,636,640,644],{"title":631,"path":632,"stem":633},{"title":637,"path":638,"stem":639},"DCL30-PL. Do not import deprecated modules","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F2.dcl30-pl",{"title":641,"path":642,"stem":643},"DCL31-PL. Do not overload reserved keywords or subroutines","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F3.dcl31-pl",{"title":645,"path":646,"stem":647},"DCL33-PL. Declare identifiers before using them","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl33-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F4.dcl33-pl",{"title":649,"path":650,"stem":651,"children":652},"Expressions (EXP)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F1.index",[653,654,658,662,666,670],{"title":649,"path":650,"stem":651},{"title":655,"path":656,"stem":657},"EXP30-PL. Do not use deprecated or obsolete functions or modules","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F2.exp30-pl",{"title":659,"path":660,"stem":661},"EXP31-PL. Do not suppress or ignore exceptions","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F3.exp31-pl",{"title":663,"path":664,"stem":665},"EXP32-PL. Do not ignore function return values","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F4.exp32-pl",{"title":667,"path":668,"stem":669},"EXP33-PL. Do not invoke a function in a context for which it is not defined","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp33-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F5.exp33-pl",{"title":671,"path":672,"stem":673},"EXP35-PL. Use the correct operator type for comparing values","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp35-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F6.exp35-pl",{"title":675,"path":676,"stem":677,"children":678},"File Input and Output (FIO)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Ffile-input-and-output-fio","7.sei-cert-perl-coding-standard\u002F3.rules\u002F4.file-input-and-output-fio\u002F1.index",[679,680],{"title":675,"path":676,"stem":677},{"title":681,"path":682,"stem":683},"FIO30-PL. Use compatible character encodings when performing network or file I\u002FO","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Ffile-input-and-output-fio\u002Ffio30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F4.file-input-and-output-fio\u002F2.fio30-pl",{"title":685,"path":686,"stem":687,"children":688},"Input Validation and Data Sanitization (IDS)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F1.index",[689,690,694,698,702,706,710],{"title":685,"path":686,"stem":687},{"title":691,"path":692,"stem":693},"IDS30-PL. Exclude user input from format strings","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F2.ids30-pl",{"title":695,"path":696,"stem":697},"IDS31-PL. Do not use the two-argument form of open()","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F3.ids31-pl",{"title":699,"path":700,"stem":701},"IDS32-PL. Validate any integer that is used as an array index","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F4.ids32-pl",{"title":703,"path":704,"stem":705},"IDS33-PL. Sanitize untrusted data passed across a trust boundary","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids33-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F5.ids33-pl",{"title":707,"path":708,"stem":709},"IDS34-PL. Do not pass untrusted, unsanitized data to a command interpreter","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids34-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F6.ids34-pl",{"title":711,"path":712,"stem":713},"IDS35-PL. Do not invoke the eval form with a string argument","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids35-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F7.ids35-pl",{"title":715,"path":716,"stem":717},"Integers (INT)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fintegers-int","7.sei-cert-perl-coding-standard\u002F3.rules\u002F6.integers-int",{"title":719,"path":720,"stem":721,"children":722},"Miscellaneous (MSC)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fmiscellaneous-msc","7.sei-cert-perl-coding-standard\u002F3.rules\u002F7.miscellaneous-msc\u002F1.index",[723,724,728],{"title":719,"path":720,"stem":721},{"title":725,"path":726,"stem":727},"MSC31-PL. Do not embed global statements","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F7.miscellaneous-msc\u002F2.msc31-pl",{"title":729,"path":730,"stem":731},"MSC32-PL. Do not provide a module's version value from outside the module","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F7.miscellaneous-msc\u002F3.msc32-pl",{"title":733,"path":734,"stem":735,"children":736},"Object-Oriented Programming (OOP)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fobject-oriented-programming-oop","7.sei-cert-perl-coding-standard\u002F3.rules\u002F8.object-oriented-programming-oop\u002F1.index",[737,738],{"title":733,"path":734,"stem":735},{"title":739,"path":740,"stem":741},"OOP32-PL. Prohibit indirect object call syntax","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fobject-oriented-programming-oop\u002Foop32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F8.object-oriented-programming-oop\u002F2.oop32-pl",{"title":743,"path":744,"stem":745,"children":746},"Strings (STR)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str","7.sei-cert-perl-coding-standard\u002F3.rules\u002F9.strings-str\u002F1.index",[747,748,752],{"title":743,"path":744,"stem":745},{"title":749,"path":750,"stem":751},"STR30-PL. Capture variables should be read only immediately after a successful regex match","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str\u002Fstr30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F9.strings-str\u002F2.str30-pl",{"title":753,"path":754,"stem":755},"STR31-PL. Do not pass string literals to functions expecting regexes","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str\u002Fstr31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F9.strings-str\u002F3.str31-pl",{"title":757,"path":758,"stem":759,"children":760},"Recommendations","\u002Fsei-cert-perl-coding-standard\u002Frecommendations","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F1.index",[761,762,791,815,828,841,854,879,892],{"title":757,"path":758,"stem":759},{"title":631,"path":763,"stem":764,"children":765},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F1.index",[766,767,771,775,779,783,787],{"title":631,"path":763,"stem":764},{"title":768,"path":769,"stem":770},"DCL00-PL. Do not use subroutine prototypes","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F2.dcl00-pl",{"title":772,"path":773,"stem":774},"DCL01-PL. Do not reuse variable names in subscopes","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F3.dcl01-pl",{"title":776,"path":777,"stem":778},"DCL02-PL. Any modified punctuation variable should be declared local","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl02-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F4.dcl02-pl",{"title":780,"path":781,"stem":782},"DCL03-PL. Do not read a foreach iterator variable after the loop has completed","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl03-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F5.dcl03-pl",{"title":784,"path":785,"stem":786},"DCL04-PL. Always initialize local variables","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl04-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F6.dcl04-pl",{"title":788,"path":789,"stem":790},"DCL05-PL. Prohibit Perl4 package names","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl05-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F7.dcl05-pl",{"title":649,"path":792,"stem":793,"children":794},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F1.index",[795,796,797,798,799,803,807,811],{"title":649,"path":792,"stem":793},{"title":557,"path":517,"stem":558},{"title":30,"path":551,"stem":553},{"title":560,"path":530,"stem":561},{"title":800,"path":801,"stem":802},"EXP04-PL. Do not mix the early-precedence logical operators with late-precedence logical operators","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp04-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F5.exp04-pl",{"title":804,"path":805,"stem":806},"EXP06-PL. Do not use an array in an implicit scalar context","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp06-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F6.exp06-pl",{"title":808,"path":809,"stem":810},"EXP07-PL. Do not modify $_ in list or sorting functions","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp07-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F7.exp07-pl",{"title":812,"path":813,"stem":814},"EXP08-PL. Do not use the one-argument form of select()","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp08-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F8.exp08-pl",{"title":675,"path":816,"stem":817,"children":818},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F4.file-input-and-output-fio\u002F1.index",[819,820,824],{"title":675,"path":816,"stem":817},{"title":821,"path":822,"stem":823},"FIO00-PL. Do not use bareword file handles","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio\u002Ffio00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F4.file-input-and-output-fio\u002F2.fio00-pl",{"title":825,"path":826,"stem":827},"FIO01-PL. Do not operate on files that can be modified by untrusted users","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio\u002Ffio01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F4.file-input-and-output-fio\u002F3.fio01-pl",{"title":685,"path":829,"stem":830,"children":831},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F5.input-validation-and-data-sanitization-ids\u002F1.index",[832,833,837],{"title":685,"path":829,"stem":830},{"title":834,"path":835,"stem":836},"IDS00-PL. Canonicalize path names before validating them","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F5.input-validation-and-data-sanitization-ids\u002F2.ids00-pl",{"title":838,"path":839,"stem":840},"IDS01-PL. Use taint mode while being aware of its limitations","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F5.input-validation-and-data-sanitization-ids\u002F3.ids01-pl",{"title":715,"path":842,"stem":843,"children":844},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fintegers-int","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F6.integers-int\u002F1.index",[845,846,850],{"title":715,"path":842,"stem":843},{"title":847,"path":848,"stem":849},"INT00-PL. Do not prepend leading zeroes to integer literals","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F6.integers-int\u002F2.int00-pl",{"title":851,"path":852,"stem":853},"INT01-PL. Use small integers when precise computation is required","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F6.integers-int\u002F3.int01-pl",{"title":719,"path":855,"stem":856,"children":857},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F1.index",[858,859,863,867,871,875],{"title":719,"path":855,"stem":856},{"title":860,"path":861,"stem":862},"MSC00-PL. Detect and remove dead code","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F2.msc00-pl",{"title":864,"path":865,"stem":866},"MSC01-PL. Detect and remove unused variables","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F3.msc01-pl",{"title":868,"path":869,"stem":870},"MSC02-PL. Run programs with full warnings and strict checking","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc02-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F4.msc02-pl",{"title":872,"path":873,"stem":874},"MSC03-PL. Do not use select() to sleep","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc03-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F5.msc03-pl",{"title":876,"path":877,"stem":878},"MSC04-PL. Do not use comma to separate statements","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc04-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F6.msc04-pl",{"title":733,"path":880,"stem":881,"children":882},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fobject-oriented-programming-oop","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F8.object-oriented-programming-oop\u002F1.index",[883,884,888],{"title":733,"path":880,"stem":881},{"title":885,"path":886,"stem":887},"OOP00-PL. Do not signify inheritence at runtime","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fobject-oriented-programming-oop\u002Foop00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F8.object-oriented-programming-oop\u002F2.oop00-pl",{"title":889,"path":890,"stem":891},"OOP01-PL. Do not access private variables or subroutines in other packages","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fobject-oriented-programming-oop\u002Foop01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F8.object-oriented-programming-oop\u002F3.oop01-pl",{"title":743,"path":893,"stem":894},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fstrings-str","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F9.strings-str",{"title":896,"path":897,"stem":898,"children":899},"Back Matter","\u002Fsei-cert-perl-coding-standard\u002Fback-matter","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F1.index",[900,901,905,935],{"title":896,"path":897,"stem":898},{"title":902,"path":903,"stem":904},"AA. Bibliography","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F2.aa-bibliography",{"title":906,"path":907,"stem":908,"children":909},"BB. Analyzers","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F1.index",[910,911,915,919,923,927,931],{"title":906,"path":907,"stem":908},{"title":912,"path":913,"stem":914},"Critic","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fcritic","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F2.critic",{"title":916,"path":917,"stem":918},"Critic_V","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fcritic_v","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F3.critic_v",{"title":920,"path":921,"stem":922},"Lint","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Flint","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F4.lint",{"title":924,"path":925,"stem":926},"Lint_V","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Flint_v","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F5.lint_v",{"title":928,"path":929,"stem":930},"Security Reviewer - Static Reviewer","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fsecurity-reviewer-static-reviewer","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F6.security-reviewer-static-reviewer",{"title":932,"path":933,"stem":934},"Security Reviewer - Static Reviewer_V","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fsecurity-reviewer-static-reviewer_v","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F7.security-reviewer-static-reviewer_v",{"title":936,"path":937,"stem":938},"CC. Risk Assessments","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fcc-risk-assessments","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F4.cc-risk-assessments",1775657795062]