[{"data":1,"prerenderedAt":1079},["ShallowReactive",2],{"global-navigation":3,"page-\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp07-pl":28,"surround-\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp07-pl":697,"sidebar-sei-cert-perl-coding-standard":706},[4,8],{"title":5,"path":6,"_path":6,"fromAppConfig":7},"Home","\u002F",true,{"title":9,"path":10,"children":11,"_path":27,"fromAppConfig":7},"Coding Standards","\u002Fcoding-standards\u002F",[12,15,18,21,24],{"title":13,"path":14},"Android Coding Standard","\u002Fandroid-secure-coding-standard\u002F",{"title":16,"path":17},"C Coding Standard","\u002Fsei-cert-c-coding-standard\u002F",{"title":19,"path":20},"C++ Coding Standard","\u002Fsei-cert-cpp-coding-standard\u002F",{"title":22,"path":23},"Java Coding Standard","\u002Fsei-cert-oracle-coding-standard-for-java\u002F",{"title":25,"path":26},"Perl Coding Standard","\u002Fsei-cert-perl-coding-standard\u002F","\u002Fcoding-standards",{"id":29,"title":30,"body":31,"description":687,"extension":688,"meta":689,"navigation":7,"path":693,"seo":694,"stem":695,"__hash__":696},"content\u002F7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F7.exp07-pl.md","EXP07-PL. Do not modify $_ in list or sorting functions",{"type":32,"value":33,"toc":676},"minimark",[34,38,59,68,74,97,107,115,126,249,265,271,277,372,378,385,460,464,467,533,537,576,580,647,650,672],[35,36,30],"h1",{"id":37},"exp07-pl-do-not-modify-_-in-list-or-sorting-functions",[39,40,41,42,46,47,50,51,58],"p",{},"Perl provides several functions for list manipulation. For instance, the ",[43,44,45],"code",{},"map()"," function takes an expression or block, applies it to each element in a list, and returns the list of mapped elements. If it is given a block, the block is executed with ",[43,48,49],{},"$_"," assigned to each element of the list in turn. The ",[52,53,57],"a",{"href":54,"rel":55},"http:\u002F\u002Fperldoc.perl.org\u002Fperlfunc.html",[56],"nofollow","perlfunc"," manpage adds:",[60,61,62],"blockquote",{},[39,63,64,65,67],{},"Note that ",[43,66,49],{}," is an alias to the list value, so it can be used to modify the elements of the LIST. While this is useful and supported, it can cause bizarre results if the elements of LIST are not variables. Using a regular \"foreach\" loop for this purpose would be clearer in most cases.",[39,69,70,71,73],{},"Although it is supported, using ",[43,72,45],{}," to modify a list in place can lead to surprises in maintainability and is thus forbidden.",[39,75,76,77,80,81,84,85,88,89,92,93,96],{},"Many other list functions provide similar functionality, using a block on various list elements. The ",[43,78,79],{},"grep()"," function is one such example, as are the ",[43,82,83],{},"first()"," and ",[43,86,87],{},"reduce()"," functions in ",[43,90,91],{},"List::Util"," and all of the functions in ",[43,94,95],{},"List::MoreUtils"," .",[39,98,99,100,103,104,106],{},"Finally, the ",[43,101,102],{},"sort()"," function also provides aliases to its comparison blocks, so a comparison block for ",[43,105,102],{}," must not modify its variables.",[108,109,111,112,114],"h2",{"id":110},"noncompliant-code-example-grep","Noncompliant Code Example ( ",[43,113,79],{}," )",[39,116,117,118,121,122,125],{},"This noncompliant code example reads the ",[43,119,120],{},"\u002Fetc\u002Fpasswd"," file and lists all users who use ",[43,123,124],{},"\u002Fbin\u002Fsh"," as their login shell.",[127,128,130],"code-block",{"quality":129},"bad",[131,132,137],"pre",{"className":133,"code":134,"language":135,"meta":136,"style":136},"language-perl shiki shiki-themes github-light github-dark monokai","open( PASSWD, \"\u003C\", \"\u002Fetc\u002Fpasswd\") or croak \"error opening \u002Fetc\u002Fpasswd: stopped\"\nmy @users = \u003CPASSWD>;\nmy @shell_users = grep +(s|\u002Fbin\u002Fsh||), @users;\nforeach my $user (@shell_users) {\n  print \"Shell User: $user\";\n}\n","perl","",[43,138,139,175,184,213,225,243],{"__ignoreMap":136},[140,141,144,148,152,156,159,162,165,169,172],"span",{"class":142,"line":143},"line",1,[140,145,147],{"class":146},"sTrkL","open",[140,149,151],{"class":150},"sMOD_","( PASSWD, ",[140,153,155],{"class":154},"sstjo","\"\u003C\"",[140,157,158],{"class":150},", ",[140,160,161],{"class":154},"\"\u002Fetc\u002Fpasswd\"",[140,163,164],{"class":150},") ",[140,166,168],{"class":167},"sC2Qs","or",[140,170,171],{"class":150}," croak ",[140,173,174],{"class":154},"\"error opening \u002Fetc\u002Fpasswd: stopped\"\n",[140,176,178,181],{"class":142,"line":177},2,[140,179,180],{"class":167},"my",[140,182,183],{"class":150}," @users = \u003CPASSWD>;\n",[140,185,187,189,192,195,198,201,204,207,210],{"class":142,"line":186},3,[140,188,180],{"class":167},[140,190,191],{"class":150}," @shell_users = ",[140,193,194],{"class":146},"grep",[140,196,197],{"class":150}," +(",[140,199,200],{"class":146},"s",[140,202,203],{"class":154},"|",[140,205,124],{"class":206},"sFxd3",[140,208,209],{"class":154},"||",[140,211,212],{"class":150},"), @users;\n",[140,214,216,219,222],{"class":142,"line":215},4,[140,217,218],{"class":167},"foreach",[140,220,221],{"class":167}," my",[140,223,224],{"class":150}," $user (@shell_users) {\n",[140,226,228,231,234,237,240],{"class":142,"line":227},5,[140,229,230],{"class":146},"  print",[140,232,233],{"class":154}," \"Shell User: ",[140,235,236],{"class":150},"$user",[140,238,239],{"class":154},"\"",[140,241,242],{"class":150},";\n",[140,244,246],{"class":142,"line":245},6,[140,247,248],{"class":150},"}\n",[39,250,251,252,254,255,257,258,261,262,264],{},"However, because the ",[43,253,79],{}," block removes ",[43,256,124],{}," from any input line that contains it, it modifies the ",[43,259,260],{},"@users"," list so that no user has ",[43,263,124],{}," !",[108,266,268,269,114],{"id":267},"compliant-solution-grep","Compliant Solution ( ",[43,270,79],{},[39,272,273,274,276],{},"This compliant solution does the same thing but does not modify the ",[43,275,260],{}," array.",[127,278,280],{"quality":279},"good",[131,281,283],{"className":133,"code":282,"language":135,"meta":136,"style":136},"open( PASSWD, \"\u003C\", \"\u002Fetc\u002Fpasswd\") or croak \"error opening \u002Fetc\u002Fpasswd: stopped\"\nmy @users = \u003CPASSWD>;\nmy @shell_users = grep +(m|\u002Fbin\u002Fsh|), @users;\nforeach my $user (@shell_users) {\n  $user =~ s|\u002Fbin\u002Fsh||;\n  print \"Shell User: $user\";\n}\n",[43,284,285,305,311,332,340,355,367],{"__ignoreMap":136},[140,286,287,289,291,293,295,297,299,301,303],{"class":142,"line":143},[140,288,147],{"class":146},[140,290,151],{"class":150},[140,292,155],{"class":154},[140,294,158],{"class":150},[140,296,161],{"class":154},[140,298,164],{"class":150},[140,300,168],{"class":167},[140,302,171],{"class":150},[140,304,174],{"class":154},[140,306,307,309],{"class":142,"line":177},[140,308,180],{"class":167},[140,310,183],{"class":150},[140,312,313,315,317,319,321,324,326,328,330],{"class":142,"line":186},[140,314,180],{"class":167},[140,316,191],{"class":150},[140,318,194],{"class":146},[140,320,197],{"class":150},[140,322,323],{"class":146},"m",[140,325,203],{"class":154},[140,327,124],{"class":206},[140,329,203],{"class":154},[140,331,212],{"class":150},[140,333,334,336,338],{"class":142,"line":215},[140,335,218],{"class":167},[140,337,221],{"class":167},[140,339,224],{"class":150},[140,341,342,345,347,349,351,353],{"class":142,"line":227},[140,343,344],{"class":150},"  $user =~ ",[140,346,200],{"class":146},[140,348,203],{"class":154},[140,350,124],{"class":206},[140,352,209],{"class":154},[140,354,242],{"class":150},[140,356,357,359,361,363,365],{"class":142,"line":245},[140,358,230],{"class":146},[140,360,233],{"class":154},[140,362,236],{"class":150},[140,364,239],{"class":154},[140,366,242],{"class":150},[140,368,370],{"class":142,"line":369},7,[140,371,248],{"class":150},[108,373,268,375,114],{"id":374},"compliant-solution-apply",[43,376,377],{},"apply()",[39,379,380,381,384],{},"This compliant solution does the same thing but uses ",[43,382,383],{},"List::MoreUtils::apply()"," , which guarantees not to modify its input list.",[127,386,387],{"quality":279},[131,388,390],{"className":133,"code":389,"language":135,"meta":136,"style":136},"open( PASSWD, \"\u003C\", \"\u002Fetc\u002Fpasswd\") or croak \"error opening \u002Fetc\u002Fpasswd: stopped\"\nmy @users = \u003CPASSWD>;\nmy @shell_users = List::MoreUtils::apply { s|\u002Fbin\u002Fsh|| } @users;\nforeach my $user (@shell_users) {\n  print \"Shell User: $user\";\n}\n",[43,391,392,412,418,436,444,456],{"__ignoreMap":136},[140,393,394,396,398,400,402,404,406,408,410],{"class":142,"line":143},[140,395,147],{"class":146},[140,397,151],{"class":150},[140,399,155],{"class":154},[140,401,158],{"class":150},[140,403,161],{"class":154},[140,405,164],{"class":150},[140,407,168],{"class":167},[140,409,171],{"class":150},[140,411,174],{"class":154},[140,413,414,416],{"class":142,"line":177},[140,415,180],{"class":167},[140,417,183],{"class":150},[140,419,420,422,425,427,429,431,433],{"class":142,"line":186},[140,421,180],{"class":167},[140,423,424],{"class":150}," @shell_users = List::MoreUtils::apply { ",[140,426,200],{"class":146},[140,428,203],{"class":154},[140,430,124],{"class":206},[140,432,209],{"class":154},[140,434,435],{"class":150}," } @users;\n",[140,437,438,440,442],{"class":142,"line":215},[140,439,218],{"class":167},[140,441,221],{"class":167},[140,443,224],{"class":150},[140,445,446,448,450,452,454],{"class":142,"line":227},[140,447,230],{"class":146},[140,449,233],{"class":154},[140,451,236],{"class":150},[140,453,239],{"class":154},[140,455,242],{"class":150},[140,457,458],{"class":142,"line":245},[140,459,248],{"class":150},[108,461,463],{"id":462},"risk-assessment","Risk Assessment",[39,465,466],{},"Failure to handle error codes or other values returned by functions can lead to incorrect program flow and violations of data integrity.",[468,469,470,489],"table",{},[471,472,473],"thead",{},[474,475,476,479,481,483,485,487],"tr",{},[477,478],"th",{},[477,480],{},[477,482],{},[477,484],{},[477,486],{},[477,488],{},[490,491,492,513],"tbody",{},[474,493,494,498,501,504,507,510],{},[495,496,497],"td",{},"Recommendation",[495,499,500],{},"Severity",[495,502,503],{},"Likelihood",[495,505,506],{},"Remediation Cost",[495,508,509],{},"Priority",[495,511,512],{},"Level",[474,514,515,518,521,524,527,530],{},[495,516,517],{},"EXP07-PL",[495,519,520],{},"Medium",[495,522,523],{},"Likely",[495,525,526],{},"Low",[495,528,529],{},"P18",[495,531,532],{},"L1",[108,534,536],{"id":535},"automated-detection","Automated Detection",[468,538,539,547],{},[471,540,541],{},[474,542,543,545],{},[477,544],{},[477,546],{},[490,548,549,557,565],{},[474,550,551,554],{},[495,552,553],{},"Tool",[495,555,556],{},"Diagnostic",[474,558,559,562],{},[495,560,561],{},"Perl::Critic",[495,563,564],{},"ControlStructures::ProhibitMutatingListFunctions",[474,566,567,573],{},[495,568,569],{},[52,570,572],{"href":571},"\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fsecurity-reviewer-static-reviewer","Security Reviewer - Static Reviewer",[495,574,575],{},"PERL_D71",[108,577,579],{"id":578},"bibliography","Bibliography",[468,581,582,590],{},[471,583,584],{},[474,585,586,588],{},[477,587],{},[477,589],{},[490,591,592,605,621,634],{},[474,593,594,602],{},[495,595,596,597,601],{},"[ ",[52,598,600],{"href":599},"\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-Conway05","Conway 2005"," ]",[495,603,604],{},"\"List Processing Side Effects,\" p. 114",[474,606,607,613],{},[495,608,596,609,601],{},[52,610,612],{"href":611},"\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-CPAN","CPAN",[495,614,615,616],{},"Bar, Graham. ",[52,617,620],{"href":618,"rel":619},"http:\u002F\u002Fsearch.cpan.org\u002F%7Egbarr\u002FScalar-List-Utils-1.23\u002Flib\u002FList\u002FUtil.pm",[56],"List::Utils",[474,622,623,627],{},[495,624,596,625,601],{},[52,626,612],{"href":611},[495,628,629,630],{},"Kennedy, Adam. ",[52,631,95],{"href":632,"rel":633},"http:\u002F\u002Fsearch.cpan.org\u002F%7Eadamk\u002FList-MoreUtils-0.33\u002Flib\u002FList\u002FMoreUtils.pm",[56],[474,635,636,642],{},[495,637,596,638,601],{},[52,639,641],{"href":640},"\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-Manpages","Wall 2011",[495,643,644],{},[52,645,57],{"href":54,"rel":646},[56],[648,649],"hr",{},[39,651,652,659,660,659,666],{},[52,653,655],{"href":654},"\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp33-pl",[656,657],"img",{"src":658},"\u002Fattachments\u002F88890562\u002F88892207.png"," ",[52,661,663],{"href":662},"\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002F",[656,664],{"src":665},"\u002Fattachments\u002F88890562\u002F88892209.png",[52,667,669],{"href":668},"\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp35-pl",[656,670],{"src":671},"\u002Fattachments\u002F88890562\u002F88892208.png",[673,674,675],"style",{},"html pre.shiki code .sTrkL, html code.shiki .sTrkL{--shiki-default:#005CC5;--shiki-dark:#79B8FF;--shiki-sepia:#66D9EF}html pre.shiki code .sMOD_, html code.shiki .sMOD_{--shiki-default:#24292E;--shiki-dark:#E1E4E8;--shiki-sepia:#F8F8F2}html pre.shiki code .sstjo, html code.shiki .sstjo{--shiki-default:#032F62;--shiki-dark:#9ECBFF;--shiki-sepia:#E6DB74}html pre.shiki code .sC2Qs, html code.shiki .sC2Qs{--shiki-default:#D73A49;--shiki-dark:#F97583;--shiki-sepia:#F92672}html pre.shiki code .sFxd3, html code.shiki .sFxd3{--shiki-default:#032F62;--shiki-dark:#DBEDFF;--shiki-sepia:#E6DB74}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html .sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html.sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}",{"title":136,"searchDepth":177,"depth":177,"links":677},[678,680,682,684,685,686],{"id":110,"depth":177,"text":679},"Noncompliant Code Example ( grep() )",{"id":267,"depth":177,"text":681},"Compliant Solution ( grep() )",{"id":374,"depth":177,"text":683},"Compliant Solution ( apply() )",{"id":462,"depth":177,"text":463},{"id":535,"depth":177,"text":536},{"id":578,"depth":177,"text":579},"Perl provides several functions for list manipulation. For instance, the map() function takes an expression or block, applies it to each element in a list, and returns the list of mapped elements. If it is given a block, the block is executed with $_ assigned to each element of the list in turn. The perlfunc manpage adds:","md",{"tags":690},[691,692],"recommendation","exp","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp07-pl",{"title":30,"description":687},"7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F7.exp07-pl","J4qgm--VIoUAICYsXvCI9QMiD8YfDN9CILBYuBe3b1Q",[698,702],{"title":699,"path":700,"stem":701,"children":-1},"EXP06-PL. Do not use an array in an implicit scalar context","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp06-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F6.exp06-pl",{"title":703,"path":704,"stem":705,"children":-1},"EXP08-PL. Do not use the one-argument form of select()","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp08-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F8.exp08-pl",[707],{"title":708,"path":709,"stem":710,"children":711},"SEI CERT Perl Coding Standard","\u002Fsei-cert-perl-coding-standard","7.sei-cert-perl-coding-standard\u002F1.index",[712,713,768,898,1037],{"title":708,"path":709,"stem":710},{"title":714,"path":715,"stem":716,"children":717},"Front Matter","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F1.index",[718,719,723],{"title":714,"path":715,"stem":716},{"title":720,"path":721,"stem":722},"Deprecations","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fdeprecations","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F2.deprecations",{"title":724,"path":725,"stem":726,"children":727},"Introduction","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F01.index",[728,729,733,737,741,745,749,753,756,760,764],{"title":724,"path":725,"stem":726},{"title":730,"path":731,"stem":732},"Scope","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fscope","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F01.scope",{"title":734,"path":735,"stem":736},"Tool Selection and Validation","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Ftool-selection-and-validation","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F02.tool-selection-and-validation",{"title":738,"path":739,"stem":740},"Rules versus Recommendations","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Frules-versus-recommendations","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F03.rules-versus-recommendations",{"title":742,"path":743,"stem":744},"Development Process","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fdevelopment-process","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F04.development-process",{"title":746,"path":747,"stem":748},"Usage","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fusage","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F05.usage",{"title":750,"path":751,"stem":752},"System Qualities","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fsystem-qualities","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F06.system-qualities",{"title":463,"path":754,"stem":755},"\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Frisk-assessment","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F07.risk-assessment",{"title":757,"path":758,"stem":759},"Source Code Validation","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fsource-code-validation","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F08.source-code-validation",{"title":761,"path":762,"stem":763},"Automatically Generated Code","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fautomatically-generated-code","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F09.automatically-generated-code",{"title":765,"path":766,"stem":767},"Acknowledgements","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Facknowledgements","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F11.acknowledgements",{"title":769,"path":770,"stem":771,"children":772},"Rules","\u002Fsei-cert-perl-coding-standard\u002Frules","7.sei-cert-perl-coding-standard\u002F3.rules\u002F1.index",[773,774,792,816,826,856,860,874,884],{"title":769,"path":770,"stem":771},{"title":775,"path":776,"stem":777,"children":778},"Declarations and Initialization (DCL)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F1.index",[779,780,784,788],{"title":775,"path":776,"stem":777},{"title":781,"path":782,"stem":783},"DCL30-PL. Do not import deprecated modules","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F2.dcl30-pl",{"title":785,"path":786,"stem":787},"DCL31-PL. Do not overload reserved keywords or subroutines","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F3.dcl31-pl",{"title":789,"path":790,"stem":791},"DCL33-PL. Declare identifiers before using them","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl33-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F4.dcl33-pl",{"title":793,"path":794,"stem":795,"children":796},"Expressions (EXP)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F1.index",[797,798,802,806,810,813],{"title":793,"path":794,"stem":795},{"title":799,"path":800,"stem":801},"EXP30-PL. Do not use deprecated or obsolete functions or modules","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F2.exp30-pl",{"title":803,"path":804,"stem":805},"EXP31-PL. Do not suppress or ignore exceptions","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F3.exp31-pl",{"title":807,"path":808,"stem":809},"EXP32-PL. Do not ignore function return values","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F4.exp32-pl",{"title":811,"path":654,"stem":812},"EXP33-PL. Do not invoke a function in a context for which it is not defined","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F5.exp33-pl",{"title":814,"path":668,"stem":815},"EXP35-PL. Use the correct operator type for comparing values","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F6.exp35-pl",{"title":817,"path":818,"stem":819,"children":820},"File Input and Output (FIO)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Ffile-input-and-output-fio","7.sei-cert-perl-coding-standard\u002F3.rules\u002F4.file-input-and-output-fio\u002F1.index",[821,822],{"title":817,"path":818,"stem":819},{"title":823,"path":824,"stem":825},"FIO30-PL. Use compatible character encodings when performing network or file I\u002FO","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Ffile-input-and-output-fio\u002Ffio30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F4.file-input-and-output-fio\u002F2.fio30-pl",{"title":827,"path":828,"stem":829,"children":830},"Input Validation and Data Sanitization (IDS)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F1.index",[831,832,836,840,844,848,852],{"title":827,"path":828,"stem":829},{"title":833,"path":834,"stem":835},"IDS30-PL. Exclude user input from format strings","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F2.ids30-pl",{"title":837,"path":838,"stem":839},"IDS31-PL. Do not use the two-argument form of open()","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F3.ids31-pl",{"title":841,"path":842,"stem":843},"IDS32-PL. Validate any integer that is used as an array index","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F4.ids32-pl",{"title":845,"path":846,"stem":847},"IDS33-PL. Sanitize untrusted data passed across a trust boundary","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids33-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F5.ids33-pl",{"title":849,"path":850,"stem":851},"IDS34-PL. Do not pass untrusted, unsanitized data to a command interpreter","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids34-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F6.ids34-pl",{"title":853,"path":854,"stem":855},"IDS35-PL. Do not invoke the eval form with a string argument","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids35-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F7.ids35-pl",{"title":857,"path":858,"stem":859},"Integers (INT)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fintegers-int","7.sei-cert-perl-coding-standard\u002F3.rules\u002F6.integers-int",{"title":861,"path":862,"stem":863,"children":864},"Miscellaneous (MSC)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fmiscellaneous-msc","7.sei-cert-perl-coding-standard\u002F3.rules\u002F7.miscellaneous-msc\u002F1.index",[865,866,870],{"title":861,"path":862,"stem":863},{"title":867,"path":868,"stem":869},"MSC31-PL. Do not embed global statements","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F7.miscellaneous-msc\u002F2.msc31-pl",{"title":871,"path":872,"stem":873},"MSC32-PL. Do not provide a module's version value from outside the module","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F7.miscellaneous-msc\u002F3.msc32-pl",{"title":875,"path":876,"stem":877,"children":878},"Object-Oriented Programming (OOP)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fobject-oriented-programming-oop","7.sei-cert-perl-coding-standard\u002F3.rules\u002F8.object-oriented-programming-oop\u002F1.index",[879,880],{"title":875,"path":876,"stem":877},{"title":881,"path":882,"stem":883},"OOP32-PL. Prohibit indirect object call syntax","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fobject-oriented-programming-oop\u002Foop32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F8.object-oriented-programming-oop\u002F2.oop32-pl",{"title":885,"path":886,"stem":887,"children":888},"Strings (STR)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str","7.sei-cert-perl-coding-standard\u002F3.rules\u002F9.strings-str\u002F1.index",[889,890,894],{"title":885,"path":886,"stem":887},{"title":891,"path":892,"stem":893},"STR30-PL. Capture variables should be read only immediately after a successful regex match","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str\u002Fstr30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F9.strings-str\u002F2.str30-pl",{"title":895,"path":896,"stem":897},"STR31-PL. Do not pass string literals to functions expecting regexes","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str\u002Fstr31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F9.strings-str\u002F3.str31-pl",{"title":899,"path":900,"stem":901,"children":902},"Recommendations","\u002Fsei-cert-perl-coding-standard\u002Frecommendations","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F1.index",[903,904,933,957,970,983,996,1021,1034],{"title":899,"path":900,"stem":901},{"title":775,"path":905,"stem":906,"children":907},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F1.index",[908,909,913,917,921,925,929],{"title":775,"path":905,"stem":906},{"title":910,"path":911,"stem":912},"DCL00-PL. Do not use subroutine prototypes","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F2.dcl00-pl",{"title":914,"path":915,"stem":916},"DCL01-PL. Do not reuse variable names in subscopes","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F3.dcl01-pl",{"title":918,"path":919,"stem":920},"DCL02-PL. Any modified punctuation variable should be declared local","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl02-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F4.dcl02-pl",{"title":922,"path":923,"stem":924},"DCL03-PL. Do not read a foreach iterator variable after the loop has completed","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl03-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F5.dcl03-pl",{"title":926,"path":927,"stem":928},"DCL04-PL. Always initialize local variables","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl04-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F6.dcl04-pl",{"title":930,"path":931,"stem":932},"DCL05-PL. Prohibit Perl4 package names","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl05-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F7.dcl05-pl",{"title":793,"path":934,"stem":935,"children":936},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F1.index",[937,938,942,946,950,954,955,956],{"title":793,"path":934,"stem":935},{"title":939,"path":940,"stem":941},"EXP00-PL. Do not return undef","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F2.exp00-pl",{"title":943,"path":944,"stem":945},"EXP01-PL. Do not depend on the return value of functions that lack a return statement","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F3.exp01-pl",{"title":947,"path":948,"stem":949},"EXP03-PL. Do not diminish the benefits of constants by assuming their values in expressions","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp03-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F4.exp03-pl",{"title":951,"path":952,"stem":953},"EXP04-PL. Do not mix the early-precedence logical operators with late-precedence logical operators","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp04-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F5.exp04-pl",{"title":699,"path":700,"stem":701},{"title":30,"path":693,"stem":695},{"title":703,"path":704,"stem":705},{"title":817,"path":958,"stem":959,"children":960},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F4.file-input-and-output-fio\u002F1.index",[961,962,966],{"title":817,"path":958,"stem":959},{"title":963,"path":964,"stem":965},"FIO00-PL. Do not use bareword file handles","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio\u002Ffio00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F4.file-input-and-output-fio\u002F2.fio00-pl",{"title":967,"path":968,"stem":969},"FIO01-PL. Do not operate on files that can be modified by untrusted users","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio\u002Ffio01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F4.file-input-and-output-fio\u002F3.fio01-pl",{"title":827,"path":971,"stem":972,"children":973},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F5.input-validation-and-data-sanitization-ids\u002F1.index",[974,975,979],{"title":827,"path":971,"stem":972},{"title":976,"path":977,"stem":978},"IDS00-PL. Canonicalize path names before validating them","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F5.input-validation-and-data-sanitization-ids\u002F2.ids00-pl",{"title":980,"path":981,"stem":982},"IDS01-PL. Use taint mode while being aware of its limitations","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F5.input-validation-and-data-sanitization-ids\u002F3.ids01-pl",{"title":857,"path":984,"stem":985,"children":986},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fintegers-int","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F6.integers-int\u002F1.index",[987,988,992],{"title":857,"path":984,"stem":985},{"title":989,"path":990,"stem":991},"INT00-PL. Do not prepend leading zeroes to integer literals","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F6.integers-int\u002F2.int00-pl",{"title":993,"path":994,"stem":995},"INT01-PL. Use small integers when precise computation is required","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F6.integers-int\u002F3.int01-pl",{"title":861,"path":997,"stem":998,"children":999},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F1.index",[1000,1001,1005,1009,1013,1017],{"title":861,"path":997,"stem":998},{"title":1002,"path":1003,"stem":1004},"MSC00-PL. Detect and remove dead code","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F2.msc00-pl",{"title":1006,"path":1007,"stem":1008},"MSC01-PL. Detect and remove unused variables","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F3.msc01-pl",{"title":1010,"path":1011,"stem":1012},"MSC02-PL. Run programs with full warnings and strict checking","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc02-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F4.msc02-pl",{"title":1014,"path":1015,"stem":1016},"MSC03-PL. Do not use select() to sleep","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc03-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F5.msc03-pl",{"title":1018,"path":1019,"stem":1020},"MSC04-PL. Do not use comma to separate statements","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc04-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F6.msc04-pl",{"title":875,"path":1022,"stem":1023,"children":1024},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fobject-oriented-programming-oop","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F8.object-oriented-programming-oop\u002F1.index",[1025,1026,1030],{"title":875,"path":1022,"stem":1023},{"title":1027,"path":1028,"stem":1029},"OOP00-PL. Do not signify inheritence at runtime","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fobject-oriented-programming-oop\u002Foop00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F8.object-oriented-programming-oop\u002F2.oop00-pl",{"title":1031,"path":1032,"stem":1033},"OOP01-PL. Do not access private variables or subroutines in other packages","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fobject-oriented-programming-oop\u002Foop01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F8.object-oriented-programming-oop\u002F3.oop01-pl",{"title":885,"path":1035,"stem":1036},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fstrings-str","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F9.strings-str",{"title":1038,"path":1039,"stem":1040,"children":1041},"Back Matter","\u002Fsei-cert-perl-coding-standard\u002Fback-matter","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F1.index",[1042,1043,1047,1075],{"title":1038,"path":1039,"stem":1040},{"title":1044,"path":1045,"stem":1046},"AA. Bibliography","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F2.aa-bibliography",{"title":1048,"path":1049,"stem":1050,"children":1051},"BB. Analyzers","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F1.index",[1052,1053,1057,1061,1065,1069,1071],{"title":1048,"path":1049,"stem":1050},{"title":1054,"path":1055,"stem":1056},"Critic","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fcritic","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F2.critic",{"title":1058,"path":1059,"stem":1060},"Critic_V","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fcritic_v","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F3.critic_v",{"title":1062,"path":1063,"stem":1064},"Lint","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Flint","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F4.lint",{"title":1066,"path":1067,"stem":1068},"Lint_V","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Flint_v","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F5.lint_v",{"title":572,"path":571,"stem":1070},"7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F6.security-reviewer-static-reviewer",{"title":1072,"path":1073,"stem":1074},"Security Reviewer - Static Reviewer_V","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fsecurity-reviewer-static-reviewer_v","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F7.security-reviewer-static-reviewer_v",{"title":1076,"path":1077,"stem":1078},"CC. Risk Assessments","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fcc-risk-assessments","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F4.cc-risk-assessments",1775657795064]