[{"data":1,"prerenderedAt":2272},["ShallowReactive",2],{"global-navigation":3,"page-\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio\u002Ffio01-pl":28,"surround-\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio\u002Ffio01-pl":1894,"sidebar-sei-cert-perl-coding-standard":1902},[4,8],{"title":5,"path":6,"_path":6,"fromAppConfig":7},"Home","\u002F",true,{"title":9,"path":10,"children":11,"_path":27,"fromAppConfig":7},"Coding Standards","\u002Fcoding-standards\u002F",[12,15,18,21,24],{"title":13,"path":14},"Android Coding Standard","\u002Fandroid-secure-coding-standard\u002F",{"title":16,"path":17},"C Coding Standard","\u002Fsei-cert-c-coding-standard\u002F",{"title":19,"path":20},"C++ Coding Standard","\u002Fsei-cert-cpp-coding-standard\u002F",{"title":22,"path":23},"Java Coding Standard","\u002Fsei-cert-oracle-coding-standard-for-java\u002F",{"title":25,"path":26},"Perl Coding Standard","\u002Fsei-cert-perl-coding-standard\u002F","\u002Fcoding-standards",{"id":29,"title":30,"body":31,"description":41,"extension":1885,"meta":1886,"navigation":7,"path":1890,"seo":1891,"stem":1892,"__hash__":1893},"content\u002F7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F4.file-input-and-output-fio\u002F3.fio01-pl.md","FIO01-PL. Do not operate on files that can be modified by untrusted users",{"type":32,"value":33,"toc":1869},"minimark",[34,38,42,45,53,56,61,72,75,78,82,103,112,122,125,187,194,198,201,204,207,210,226,230,242,323,326,330,333,449,456,464,477,581,584,588,605,802,805,817,821,829,836,1384,1387,1390,1393,1407,1410,1419,1528,1532,1539,1543,1546,1611,1615,1682,1686,1737,1741,1840,1843,1865],[35,36,30],"h1",{"id":37},"fio01-pl-do-not-operate-on-files-that-can-be-modified-by-untrusted-users",[39,40,41],"p",{},"Multiuser systems allow multiple users with different privileges to share a file system. Each user in such an environment must be able to determine which files are shared and which are private, and each user must be able to enforce these decisions.",[39,43,44],{},"Unfortunately, a wide variety of file system vulnerabilities can be exploited by an attacker to gain access to files for which they lack sufficient privileges, particularly when operating on files that reside in shared directories in which multiple users may create, move, or delete files. Privilege escalation is also possible when programs that access these files run with elevated privileges. Many file system properties and capabilities can be exploited by an attacker, including file links, device files, and shared file access. To prevent vulnerabilities, a program must operate only on files in secure directories.",[39,46,47,48,52],{},"The security of a directory depends on the security policy applied to a program. A program typically runs with the privileges of a particular user, and its policy will regard that user as trusted. Its policy may also regard some or all other users as untrusted. Any reasonable security policy must also regard the root user as trusted, as there is no protection from a malicious user with root privileges. For a particular security policy that may apply to a program, a directory is secure if only trusted users are allowed to create, move, or delete files inside that directory. Furthermore, each parent directory must itself be a secure directory up to and including the root directory. On most systems, home or user directories are secure by default and only explicitly shared directories, such as ",[49,50,51],"code",{},"\u002Ftmp"," , are insecure.",[39,54,55],{},"Programs with elevated privileges may need to write files to directories owned by unprivileged users. One example would be a mail daemon that reads a mail message from one user and places it in a directory owned by another user. Any such program should have a security policy dictating which users are trusted. For example, the mail daemon should trust only the user sending the message when gathering the mail to be sent and then trust only the user receiving the message when delivering it.",[57,58,60],"h2",{"id":59},"file-links","File Links",[39,62,63,64,67,68,71],{},"Many operating systems support file links, including symbolic (soft) links, hard links, shortcuts, shadows, aliases, and junctions. In POSIX, symbolic links can be created using the ",[49,65,66],{},"  ln -s "," command and hard links using the ",[49,69,70],{},"ln"," command. Hard links are indistinguishable from normal files on POSIX systems.",[39,73,74],{},"Three file link types are supported in Windows NTFS (New Technology File System): hard links, junctions, and symbolic links. Symbolic links are available in NTFS starting with Windows Vista.",[39,76,77],{},"File links can create security issues for programs that fail to consider the possibility that a file being opened may actually be a link to a different file. This is especially dangerous when the vulnerable program is running with elevated privileges. When creating new files, an application running with elevated privileges may erroneously overwrite an existing file that resides outside the directory it expected.",[57,79,81],{"id":80},"device-files","Device Files",[39,83,84,85,88,89,88,92,88,95,98,99,102],{},"File names on many operating systems may be used to access device files. Device files are used to access hardware and peripherals. Reserved MS-DOS device names include ",[49,86,87],{},"AUX"," , ",[49,90,91],{},"CON",[49,93,94],{},"PRN",[49,96,97],{},"COM1"," , and ",[49,100,101],{},"LPT1"," . Character special files and block special files are POSIX device files that direct operations on the files to the appropriate device drivers.",[39,104,105,106,111],{},"Performing operations on device files intended only for ordinary character or binary files can result in crashes and denial-of-service (DoS) attacks. For example, when Windows attempts to interpret a device name as a file resource, it performs an invalid resource access that usually results in a crash [ ",[107,108,110],"a",{"href":109},"\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography","Howard 2002"," ].",[39,113,114,115,118,119,111],{},"Device files in POSIX can be a security risk when an attacker can trick a program into accessing them in an unauthorized way. For instance, if malicious programs can read or write to the ",[49,116,117],{},"\u002Fdev\u002Fkmem"," device file, they may be able to alter their own priority, user ID, or other attributes of their process, or they may simply crash the system. Similarly, access to disk devices, tape devices, network devices, and terminals being used by other processes can also lead to problems [ ",[107,120,121],{"href":109},"Garfinkel 1996",[39,123,124],{},"On Linux, it is possible to lock certain applications by attempting to read or write data on devices rather than files. Consider the following device path names:",[126,127,132],"pre",{"className":128,"code":129,"language":130,"meta":131,"style":131},"language-java shiki shiki-themes github-light github-dark monokai","\u002Fdev\u002Fmouse\n\u002Fdev\u002Fconsole\n\u002Fdev\u002Ftty0\n\u002Fdev\u002Fzero\n","java","",[49,133,134,151,163,175],{"__ignoreMap":131},[135,136,139,142,146,148],"span",{"class":137,"line":138},"line",1,[135,140,6],{"class":141},"sC2Qs",[135,143,145],{"class":144},"sMOD_","dev",[135,147,6],{"class":141},[135,149,150],{"class":144},"mouse\n",[135,152,154,156,158,160],{"class":137,"line":153},2,[135,155,6],{"class":141},[135,157,145],{"class":144},[135,159,6],{"class":141},[135,161,162],{"class":144},"console\n",[135,164,166,168,170,172],{"class":137,"line":165},3,[135,167,6],{"class":141},[135,169,145],{"class":144},[135,171,6],{"class":141},[135,173,174],{"class":144},"tty0\n",[135,176,178,180,182,184],{"class":137,"line":177},4,[135,179,6],{"class":141},[135,181,145],{"class":144},[135,183,6],{"class":141},[135,185,186],{"class":144},"zero\n",[39,188,189,190,193],{},"A web browser that failed to check for these devices would allow an attacker to create a website with image tags such as ",[49,191,192],{},"  \u003CIMG src=\"file:\u002F\u002F\u002Fdev\u002Fmouse\"> "," that would lock the user's mouse.",[57,195,197],{"id":196},"shared-file-access","Shared File Access",[39,199,200],{},"On many systems, files can be simultaneously accessed by concurrent processes. Exclusive access grants unrestricted file access to the locking process while denying access to all other processes, eliminating the potential for a race condition on the locked region.",[39,202,203],{},"Some platforms provide various forms of file locking. Shared locks support concurrent read access from multiple processes; exclusive locks support exclusive write access. File locks provide protection across processes, but they do not provide protection from multiple threads within a single process. Both shared locks and exclusive locks eliminate the potential for a cross-process race condition on the locked region. Exclusive locks provide mutual exclusion; shared locks prevent alteration of the state of the locked file region (one of the required properties for a data race).",[39,205,206],{},"Microsoft Windows uses a mandatory file-locking mechanism that prevents processes from accessing a locked file region.",[39,208,209],{},"Linux implements both mandatory locks and advisory locks. Advisory locks are not enforced by the operating system, which diminishes their value from a security perspective. Unfortunately, the mandatory file lock in Linux is generally impractical because",[211,212,213,217,220,223],"ul",{},[214,215,216],"li",{},"mandatory locking is supported only by certain network file systems.",[214,218,219],{},"file systems must be mounted with support for mandatory locking, which is disabled by default.",[214,221,222],{},"locking relies on the group ID bit, which can be turned off by another process (thereby defeating the lock).",[214,224,225],{},"the lock is implicitly dropped if the holding process closes any descriptor of the file.",[57,227,229],{"id":228},"noncompliant-code-example","Noncompliant Code Example",[39,231,232,233,236,237,241],{},"This noncompliant code example opens a file whose name is provided by the user. It calls ",[49,234,235],{},"croak()"," if the open was unsuccessful, as required by ",[107,238,240],{"href":239},"\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp30-pl","EXP30-PL. Do not use deprecated or obsolete functions or modules"," .",[243,244,246],"code-block",{"quality":245},"bad",[126,247,251],{"className":248,"code":249,"language":250,"meta":131,"style":131},"language-perl shiki shiki-themes github-light github-dark monokai","use Carp;\n\nmy $file = # provided by user\nopen( my $in, \"\u003C\", $file) or croak \"error opening $file\";\n# ... work with FILE and close it\n","perl",[49,252,253,261,266,278,317],{"__ignoreMap":131},[135,254,255,258],{"class":137,"line":138},[135,256,257],{"class":141},"use",[135,259,260],{"class":144}," Carp;\n",[135,262,263],{"class":137,"line":153},[135,264,265],{"emptyLinePlaceholder":7},"\n",[135,267,268,271,274],{"class":137,"line":165},[135,269,270],{"class":141},"my",[135,272,273],{"class":144}," $file = ",[135,275,277],{"class":276},"s8-w5","# provided by user\n",[135,279,280,284,287,289,292,296,299,302,305,308,311,314],{"class":137,"line":177},[135,281,283],{"class":282},"sTrkL","open",[135,285,286],{"class":144},"( ",[135,288,270],{"class":141},[135,290,291],{"class":144}," $in, ",[135,293,295],{"class":294},"sstjo","\"\u003C\"",[135,297,298],{"class":144},", $file) ",[135,300,301],{"class":141},"or",[135,303,304],{"class":144}," croak ",[135,306,307],{"class":294},"\"error opening ",[135,309,310],{"class":144},"$file",[135,312,313],{"class":294},"\"",[135,315,316],{"class":144},";\n",[135,318,320],{"class":137,"line":319},5,[135,321,322],{"class":276},"# ... work with FILE and close it\n",[39,324,325],{},"Unfortunately, an attacker could specify the name of a locked device or a first in, first out (FIFO) file, causing the program to hang when opening the file.",[57,327,329],{"id":328},"noncompliant-code-example-regular-file","Noncompliant Code Example (Regular File)",[39,331,332],{},"This noncompliant code example first checks that the file is a regular file before opening it.",[243,334,335],{"quality":245},[126,336,338],{"className":248,"code":337,"language":250,"meta":131,"style":131},"use Carp;\nuse Fcntl ':mode';\nmy $path = $ARGV[0]; # provided by user\n\n# Check that file is regular\nmy $mode = (stat($path))[2] or croak \"Can't run stat\";\ncroak \"Not a regular file\" if (S_IFREG & $mode) == 0;\n\nopen( my $in, \"\u003C\", $path) or croak \"Can't open file\";\n# ... work with FILE and close it\n",[49,339,340,346,358,367,371,376,399,414,419,444],{"__ignoreMap":131},[135,341,342,344],{"class":137,"line":138},[135,343,257],{"class":141},[135,345,260],{"class":144},[135,347,348,350,353,356],{"class":137,"line":153},[135,349,257],{"class":141},[135,351,352],{"class":144}," Fcntl ",[135,354,355],{"class":294},"':mode'",[135,357,316],{"class":144},[135,359,360,362,365],{"class":137,"line":165},[135,361,270],{"class":141},[135,363,364],{"class":144}," $path = $ARGV[0]; ",[135,366,277],{"class":276},[135,368,369],{"class":137,"line":177},[135,370,265],{"emptyLinePlaceholder":7},[135,372,373],{"class":137,"line":319},[135,374,375],{"class":276},"# Check that file is regular\n",[135,377,379,381,384,387,390,392,394,397],{"class":137,"line":378},6,[135,380,270],{"class":141},[135,382,383],{"class":144}," $mode = (",[135,385,386],{"class":282},"stat",[135,388,389],{"class":144},"($path))[2] ",[135,391,301],{"class":141},[135,393,304],{"class":144},[135,395,396],{"class":294},"\"Can't run stat\"",[135,398,316],{"class":144},[135,400,402,405,408,411],{"class":137,"line":401},7,[135,403,404],{"class":144},"croak ",[135,406,407],{"class":294},"\"Not a regular file\"",[135,409,410],{"class":141}," if",[135,412,413],{"class":144}," (S_IFREG & $mode) == 0;\n",[135,415,417],{"class":137,"line":416},8,[135,418,265],{"emptyLinePlaceholder":7},[135,420,422,424,426,428,430,432,435,437,439,442],{"class":137,"line":421},9,[135,423,283],{"class":282},[135,425,286],{"class":144},[135,427,270],{"class":141},[135,429,291],{"class":144},[135,431,295],{"class":294},[135,433,434],{"class":144},", $path) ",[135,436,301],{"class":141},[135,438,304],{"class":144},[135,440,441],{"class":294},"\"Can't open file\"",[135,443,316],{"class":144},[135,445,447],{"class":137,"line":446},10,[135,448,322],{"class":276},[39,450,451,452,455],{},"This test can still be circumvented by a symbolic link. By default, the ",[49,453,454],{},"stat()"," built-in function follows symbolic links and reads the file attributes of the final target of the link. The result is that the program may reference a file other than the one intended.",[57,457,459,460,463],{"id":458},"noncompliant-code-example-lstat","Noncompliant Code Example ( ",[49,461,462],{},"lstat()"," )",[39,465,466,467,469,470,473,474,476],{},"This noncompliant code example gets the file's information by calling ",[49,468,462],{}," rather than ",[49,471,472],{},"{[stat()}}"," . The ",[49,475,462],{}," system call does not follow symbolic links, and it provides information about the link itself rather than the file. Consequently, this code correctly identifies a symbolic link as not being a regular file.",[243,478,479],{"quality":245},[126,480,482],{"className":248,"code":481,"language":250,"meta":131,"style":131},"use Carp;\nuse Fcntl ':mode';\n\nmy $path = $ARGV[0]; # provided by user\n\n# Check that file is regular\nmy $mode = (lstat($path))[2] or croak \"Can't run lstat\";\ncroak \"Not a regular file\" if (S_IFREG & $mode) == 0;\n\nopen( my $in, \"\u003C\", $path) or croak \"Can't open file\";\n# ... work with FILE and close it\n",[49,483,484,490,500,504,512,516,520,540,550,554,576],{"__ignoreMap":131},[135,485,486,488],{"class":137,"line":138},[135,487,257],{"class":141},[135,489,260],{"class":144},[135,491,492,494,496,498],{"class":137,"line":153},[135,493,257],{"class":141},[135,495,352],{"class":144},[135,497,355],{"class":294},[135,499,316],{"class":144},[135,501,502],{"class":137,"line":165},[135,503,265],{"emptyLinePlaceholder":7},[135,505,506,508,510],{"class":137,"line":177},[135,507,270],{"class":141},[135,509,364],{"class":144},[135,511,277],{"class":276},[135,513,514],{"class":137,"line":319},[135,515,265],{"emptyLinePlaceholder":7},[135,517,518],{"class":137,"line":378},[135,519,375],{"class":276},[135,521,522,524,526,529,531,533,535,538],{"class":137,"line":401},[135,523,270],{"class":141},[135,525,383],{"class":144},[135,527,528],{"class":282},"lstat",[135,530,389],{"class":144},[135,532,301],{"class":141},[135,534,304],{"class":144},[135,536,537],{"class":294},"\"Can't run lstat\"",[135,539,316],{"class":144},[135,541,542,544,546,548],{"class":137,"line":416},[135,543,404],{"class":144},[135,545,407],{"class":294},[135,547,410],{"class":141},[135,549,413],{"class":144},[135,551,552],{"class":137,"line":421},[135,553,265],{"emptyLinePlaceholder":7},[135,555,556,558,560,562,564,566,568,570,572,574],{"class":137,"line":446},[135,557,283],{"class":282},[135,559,286],{"class":144},[135,561,270],{"class":141},[135,563,291],{"class":144},[135,565,295],{"class":294},[135,567,434],{"class":144},[135,569,301],{"class":141},[135,571,304],{"class":144},[135,573,441],{"class":294},[135,575,316],{"class":144},[135,577,579],{"class":137,"line":578},11,[135,580,322],{"class":276},[39,582,583],{},"This code is still vulnerable to a time-of-check, time-of-use (TOCTOU) race condition. For example, an attacker can replace the regular file with a file link or device file after the code has completed its checks but before it opens the file.",[57,585,587],{"id":586},"noncompliant-code-example-check-use-check","Noncompliant Code Example (Check-Use-Check)",[39,589,590,591,593,594,597,598,601,602,604],{},"This noncompliant code example performs the necessary ",[49,592,462],{}," check and then opens the file using the ",[49,595,596],{},"POSIX::open()"," function to obtain a file descriptor. After opening the file, it performs a second check to make sure that the file has not been moved and that the file opened is the same file that was checked. This check is accomplished using ",[49,599,600],{},"POSIX::fstat()"," , which returns the same information as ",[49,603,462],{}," but operates on open file descriptors rather than file names. It does leave a race window open between the first check and the open but subsequently detects if an attacker has changed the file during the race window. In both checks, the file's device and i-node attributes are examined. On POSIX systems, the device and i-node serve as a unique key for identifying files, which is a more reliable indicator of the file's identity than its path name.",[243,606,607],{"quality":245},[126,608,610],{"className":248,"code":609,"language":250,"meta":131,"style":131},"use Carp;\nuse Fcntl ':mode';\nuse POSIX;\n\nmy $path = $ARGV[0]; # provided by user\n\n# Check that file is regular\nmy ($device, $inode, $mode, @rest) = lstat($path) or croak \"Can't run lstat\";\ncroak \"Not a regular file\" if (S_IFREG & $mode) == 0;\n\nmy $fd = POSIX::open($path, O_RDONLY) or croak \"Can't open file\";\n# note: fd is a POSIX file descriptor, NOT a perl filehandle!\n\nmy ($fdevice, $finode, $fmode, @frest) = POSIX::fstat($fd) or croak \"Can't run fstat\";\ncroak \"File has been tampered with\" if $fdevice ne $device or $finode ne $inode;\n\nopen( my $in, \"\u003C&\", $fd) or croak \"Can't open file descriptor\";\n# ... work with FILE and close it\n",[49,611,612,618,628,635,639,647,651,655,675,685,689,709,715,720,737,766,771,797],{"__ignoreMap":131},[135,613,614,616],{"class":137,"line":138},[135,615,257],{"class":141},[135,617,260],{"class":144},[135,619,620,622,624,626],{"class":137,"line":153},[135,621,257],{"class":141},[135,623,352],{"class":144},[135,625,355],{"class":294},[135,627,316],{"class":144},[135,629,630,632],{"class":137,"line":165},[135,631,257],{"class":141},[135,633,634],{"class":144}," POSIX;\n",[135,636,637],{"class":137,"line":177},[135,638,265],{"emptyLinePlaceholder":7},[135,640,641,643,645],{"class":137,"line":319},[135,642,270],{"class":141},[135,644,364],{"class":144},[135,646,277],{"class":276},[135,648,649],{"class":137,"line":378},[135,650,265],{"emptyLinePlaceholder":7},[135,652,653],{"class":137,"line":401},[135,654,375],{"class":276},[135,656,657,659,662,664,667,669,671,673],{"class":137,"line":416},[135,658,270],{"class":141},[135,660,661],{"class":144}," ($device, $inode, $mode, @rest) = ",[135,663,528],{"class":282},[135,665,666],{"class":144},"($path) ",[135,668,301],{"class":141},[135,670,304],{"class":144},[135,672,537],{"class":294},[135,674,316],{"class":144},[135,676,677,679,681,683],{"class":137,"line":421},[135,678,404],{"class":144},[135,680,407],{"class":294},[135,682,410],{"class":141},[135,684,413],{"class":144},[135,686,687],{"class":137,"line":446},[135,688,265],{"emptyLinePlaceholder":7},[135,690,691,693,696,698,701,703,705,707],{"class":137,"line":578},[135,692,270],{"class":141},[135,694,695],{"class":144}," $fd = POSIX::",[135,697,283],{"class":282},[135,699,700],{"class":144},"($path, O_RDONLY) ",[135,702,301],{"class":141},[135,704,304],{"class":144},[135,706,441],{"class":294},[135,708,316],{"class":144},[135,710,712],{"class":137,"line":711},12,[135,713,714],{"class":276},"# note: fd is a POSIX file descriptor, NOT a perl filehandle!\n",[135,716,718],{"class":137,"line":717},13,[135,719,265],{"emptyLinePlaceholder":7},[135,721,723,725,728,730,732,735],{"class":137,"line":722},14,[135,724,270],{"class":141},[135,726,727],{"class":144}," ($fdevice, $finode, $fmode, @frest) = POSIX::fstat($fd) ",[135,729,301],{"class":141},[135,731,304],{"class":144},[135,733,734],{"class":294},"\"Can't run fstat\"",[135,736,316],{"class":144},[135,738,740,742,745,747,750,753,756,758,761,763],{"class":137,"line":739},15,[135,741,404],{"class":144},[135,743,744],{"class":294},"\"File has been tampered with\"",[135,746,410],{"class":141},[135,748,749],{"class":144}," $fdevice ",[135,751,752],{"class":282},"ne",[135,754,755],{"class":144}," $device ",[135,757,301],{"class":141},[135,759,760],{"class":144}," $finode ",[135,762,752],{"class":282},[135,764,765],{"class":144}," $inode;\n",[135,767,769],{"class":137,"line":768},16,[135,770,265],{"emptyLinePlaceholder":7},[135,772,774,776,778,780,782,785,788,790,792,795],{"class":137,"line":773},17,[135,775,283],{"class":282},[135,777,286],{"class":144},[135,779,270],{"class":141},[135,781,291],{"class":144},[135,783,784],{"class":294},"\"\u003C&\"",[135,786,787],{"class":144},", $fd) ",[135,789,301],{"class":141},[135,791,304],{"class":144},[135,793,794],{"class":294},"\"Can't open file descriptor\"",[135,796,316],{"class":144},[135,798,800],{"class":137,"line":799},18,[135,801,322],{"class":276},[39,803,804],{},"Although this code goes to great lengths to prevent an attacker from successfully tricking it into opening the wrong file, it still has several vulnerabilities:",[211,806,807,810],{},[214,808,809],{},"The TOCTOU race condition still exists between the first check and open. During this race window, an attacker can replace the regular file with a symbolic link or other nonregular file. The second check detects this race condition but does not eliminate it.",[214,811,812,813,241],{},"A system with hard links allows an attacker to construct a malicious file that is a hard link to a protected file. Hard links cannot be reliably detected by a program and can foil canonicalization attempts, which are prescribed by ",[107,814,816],{"href":815},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids00-pl","IDS00-PL. Canonicalize path names before validating them",[57,818,820],{"id":819},"compliant-solution-secure-path","Compliant Solution (Secure Path)",[39,822,823,824,828],{},"Because of the potential for race conditions and the inherent accessibility of shared directories by untrusted users, files must be operated on only by secure paths. A ",[825,826,827],"em",{},"secure path"," is a directory that cannot be moved or deleted by untrusted users. Furthermore, its parent path, grandparent path, and so on up to the root, must also be secure, and if the path includes any symbolic links, both the link's target path and the path containing the link must be secure paths. Because programs may run with reduced privileges and lack the facilities to construct a secure path, a program may need to abort if it determines that a given path is not secure.",[39,830,831,832,835],{},"Following is a POSIX-specific implementation of an ",[49,833,834],{},"is_secure_path()"," subroutine. This function ensures that the file in the supplied path and all directories above it are secure paths.",[243,837,839],{"quality":838},"good",[126,840,842],{"className":248,"code":841,"language":250,"meta":131,"style":131},"use Carp;\nuse Fcntl ':mode';\n\n# Fail if symlinks nest more than this many times\nmy $max_symlinks = 5;\n\n# Indicates if a particular path is secure, including that parent directories\n# are secure. If path contains symlinks, ensures symlink targets are also secure\n# Path need not be absolute and can have trailing \u002F.\nsub is_secure_path {\n  my ($path) = @_;\n\n  # trim trailing \u002F\n  chop $path if $path =~ m@\u002F$@; # This could turn root dir into empty string.\n  # make sure path is absolute\n  $path = $ENV{\"PWD\"} . \"\u002F\" . $path if $path !~ m@^\u002F@;\n\n  return is_secure_path_aux( $path, $max_symlinks);\n}\n\n# Helper to is_secure_path. Requires absolute path, w\u002Fo trailing \u002F\n# Also accepts empty string, interpreted as root path.\nsub is_secure_path_aux {\n  my ($path, $symlinks) = @_;\n\n  # Fail if too many levels of symbolic links\n  return 0 if $symlinks \u003C= 0;\n\n  # Fail if parent path not secure\n  if ($path =~ m@(^.*)(\u002F[^\u002F]+)@) {\n    my $parent = $1;\n    return 0 if !is_secure_path_aux( $parent, $max_symlinks);\n  } else {\n    # No parent; path is root dir, proceed\n    $path = \"\u002F\";\n  }\n\n  # If path is symlink, check that linked-to path is also secure\n  if (-l $path) {\n    my $target = readlink $path or croak \"Can't read symlink, stopped\";\n    return 0 if !is_secure_path_aux( $target, $max_symlinks-1);\n  }\n\n  return is_secure_dir( $path);\n}\n\n\n# Indicates if a particular path is secure. Does no checks on parent\n# directories or symlinks.\nsub is_secure_dir {\n  my ($path) = @_;\n\n  # We use owner uid and permissions mode, from path's i-node\n  my ($dummy1, $dummy2, $mode, $dummy3, $uid, @dummy4)\n    = lstat($path) or croak \"Can't run lstat, stopped\";\n\n  # Fail if file is owned by someone besides current user or root\n  return 0 if $uid != $> && $uid != 0;\n\n  # Fail if file has group or world write permissions\n  return 0 if S_IWGRP & $mode || S_IWOTH & $mode;\n\n  return 1;\n}\n",[49,843,844,850,860,864,869,876,880,885,890,895,908,916,920,925,959,964,997,1001,1009,1015,1020,1026,1032,1042,1050,1055,1061,1074,1079,1085,1106,1115,1128,1139,1145,1155,1161,1166,1172,1186,1208,1220,1225,1230,1238,1243,1248,1253,1259,1265,1275,1282,1287,1293,1301,1320,1325,1331,1343,1348,1354,1366,1371,1379],{"__ignoreMap":131},[135,845,846,848],{"class":137,"line":138},[135,847,257],{"class":141},[135,849,260],{"class":144},[135,851,852,854,856,858],{"class":137,"line":153},[135,853,257],{"class":141},[135,855,352],{"class":144},[135,857,355],{"class":294},[135,859,316],{"class":144},[135,861,862],{"class":137,"line":165},[135,863,265],{"emptyLinePlaceholder":7},[135,865,866],{"class":137,"line":177},[135,867,868],{"class":276},"# Fail if symlinks nest more than this many times\n",[135,870,871,873],{"class":137,"line":319},[135,872,270],{"class":141},[135,874,875],{"class":144}," $max_symlinks = 5;\n",[135,877,878],{"class":137,"line":378},[135,879,265],{"emptyLinePlaceholder":7},[135,881,882],{"class":137,"line":401},[135,883,884],{"class":276},"# Indicates if a particular path is secure, including that parent directories\n",[135,886,887],{"class":137,"line":416},[135,888,889],{"class":276},"# are secure. If path contains symlinks, ensures symlink targets are also secure\n",[135,891,892],{"class":137,"line":421},[135,893,894],{"class":276},"# Path need not be absolute and can have trailing \u002F.\n",[135,896,897,901,905],{"class":137,"line":446},[135,898,900],{"class":899},"sq6CD","sub",[135,902,904],{"class":903},"srTi1"," is_secure_path",[135,906,907],{"class":144}," {\n",[135,909,910,913],{"class":137,"line":578},[135,911,912],{"class":141},"  my",[135,914,915],{"class":144}," ($path) = @_;\n",[135,917,918],{"class":137,"line":711},[135,919,265],{"emptyLinePlaceholder":7},[135,921,922],{"class":137,"line":717},[135,923,924],{"class":276},"  # trim trailing \u002F\n",[135,926,927,930,933,936,939,942,945,948,951,953,956],{"class":137,"line":722},[135,928,929],{"class":282},"  chop",[135,931,932],{"class":144}," $path ",[135,934,935],{"class":141},"if",[135,937,938],{"class":144}," $path =~ ",[135,940,941],{"class":282},"m",[135,943,944],{"class":294},"@",[135,946,6],{"class":947},"sFxd3",[135,949,950],{"class":141},"$",[135,952,944],{"class":294},[135,954,955],{"class":144},"; ",[135,957,958],{"class":276},"# This could turn root dir into empty string.\n",[135,960,961],{"class":137,"line":739},[135,962,963],{"class":276},"  # make sure path is absolute\n",[135,965,966,969,972,975,978,981,983,986,988,990,993,995],{"class":137,"line":768},[135,967,968],{"class":144},"  $path = $ENV{",[135,970,971],{"class":294},"\"PWD\"",[135,973,974],{"class":144},"} . ",[135,976,977],{"class":294},"\"\u002F\"",[135,979,980],{"class":144}," . $path ",[135,982,935],{"class":141},[135,984,985],{"class":144}," $path !~ ",[135,987,941],{"class":282},[135,989,944],{"class":294},[135,991,992],{"class":947},"^\u002F",[135,994,944],{"class":294},[135,996,316],{"class":144},[135,998,999],{"class":137,"line":773},[135,1000,265],{"emptyLinePlaceholder":7},[135,1002,1003,1006],{"class":137,"line":799},[135,1004,1005],{"class":141},"  return",[135,1007,1008],{"class":144}," is_secure_path_aux( $path, $max_symlinks);\n",[135,1010,1012],{"class":137,"line":1011},19,[135,1013,1014],{"class":144},"}\n",[135,1016,1018],{"class":137,"line":1017},20,[135,1019,265],{"emptyLinePlaceholder":7},[135,1021,1023],{"class":137,"line":1022},21,[135,1024,1025],{"class":276},"# Helper to is_secure_path. Requires absolute path, w\u002Fo trailing \u002F\n",[135,1027,1029],{"class":137,"line":1028},22,[135,1030,1031],{"class":276},"# Also accepts empty string, interpreted as root path.\n",[135,1033,1035,1037,1040],{"class":137,"line":1034},23,[135,1036,900],{"class":899},[135,1038,1039],{"class":903}," is_secure_path_aux",[135,1041,907],{"class":144},[135,1043,1045,1047],{"class":137,"line":1044},24,[135,1046,912],{"class":141},[135,1048,1049],{"class":144}," ($path, $symlinks) = @_;\n",[135,1051,1053],{"class":137,"line":1052},25,[135,1054,265],{"emptyLinePlaceholder":7},[135,1056,1058],{"class":137,"line":1057},26,[135,1059,1060],{"class":276},"  # Fail if too many levels of symbolic links\n",[135,1062,1064,1066,1069,1071],{"class":137,"line":1063},27,[135,1065,1005],{"class":141},[135,1067,1068],{"class":144}," 0 ",[135,1070,935],{"class":141},[135,1072,1073],{"class":144}," $symlinks \u003C= 0;\n",[135,1075,1077],{"class":137,"line":1076},28,[135,1078,265],{"emptyLinePlaceholder":7},[135,1080,1082],{"class":137,"line":1081},29,[135,1083,1084],{"class":276},"  # Fail if parent path not secure\n",[135,1086,1088,1091,1094,1096,1098,1101,1103],{"class":137,"line":1087},30,[135,1089,1090],{"class":141},"  if",[135,1092,1093],{"class":144}," ($path =~ ",[135,1095,941],{"class":282},[135,1097,944],{"class":294},[135,1099,1100],{"class":947},"(^.*)(\u002F[^\u002F]+)",[135,1102,944],{"class":294},[135,1104,1105],{"class":144},") {\n",[135,1107,1109,1112],{"class":137,"line":1108},31,[135,1110,1111],{"class":141},"    my",[135,1113,1114],{"class":144}," $parent = $1;\n",[135,1116,1118,1121,1123,1125],{"class":137,"line":1117},32,[135,1119,1120],{"class":141},"    return",[135,1122,1068],{"class":144},[135,1124,935],{"class":141},[135,1126,1127],{"class":144}," !is_secure_path_aux( $parent, $max_symlinks);\n",[135,1129,1131,1134,1137],{"class":137,"line":1130},33,[135,1132,1133],{"class":144},"  } ",[135,1135,1136],{"class":141},"else",[135,1138,907],{"class":144},[135,1140,1142],{"class":137,"line":1141},34,[135,1143,1144],{"class":276},"    # No parent; path is root dir, proceed\n",[135,1146,1148,1151,1153],{"class":137,"line":1147},35,[135,1149,1150],{"class":144},"    $path = ",[135,1152,977],{"class":294},[135,1154,316],{"class":144},[135,1156,1158],{"class":137,"line":1157},36,[135,1159,1160],{"class":144},"  }\n",[135,1162,1164],{"class":137,"line":1163},37,[135,1165,265],{"emptyLinePlaceholder":7},[135,1167,1169],{"class":137,"line":1168},38,[135,1170,1171],{"class":276},"  # If path is symlink, check that linked-to path is also secure\n",[135,1173,1175,1177,1180,1183],{"class":137,"line":1174},39,[135,1176,1090],{"class":141},[135,1178,1179],{"class":144}," (",[135,1181,1182],{"class":141},"-l",[135,1184,1185],{"class":144}," $path) {\n",[135,1187,1189,1191,1194,1197,1199,1201,1203,1206],{"class":137,"line":1188},40,[135,1190,1111],{"class":141},[135,1192,1193],{"class":144}," $target = ",[135,1195,1196],{"class":282},"readlink",[135,1198,932],{"class":144},[135,1200,301],{"class":141},[135,1202,304],{"class":144},[135,1204,1205],{"class":294},"\"Can't read symlink, stopped\"",[135,1207,316],{"class":144},[135,1209,1211,1213,1215,1217],{"class":137,"line":1210},41,[135,1212,1120],{"class":141},[135,1214,1068],{"class":144},[135,1216,935],{"class":141},[135,1218,1219],{"class":144}," !is_secure_path_aux( $target, $max_symlinks-1);\n",[135,1221,1223],{"class":137,"line":1222},42,[135,1224,1160],{"class":144},[135,1226,1228],{"class":137,"line":1227},43,[135,1229,265],{"emptyLinePlaceholder":7},[135,1231,1233,1235],{"class":137,"line":1232},44,[135,1234,1005],{"class":141},[135,1236,1237],{"class":144}," is_secure_dir( $path);\n",[135,1239,1241],{"class":137,"line":1240},45,[135,1242,1014],{"class":144},[135,1244,1246],{"class":137,"line":1245},46,[135,1247,265],{"emptyLinePlaceholder":7},[135,1249,1251],{"class":137,"line":1250},47,[135,1252,265],{"emptyLinePlaceholder":7},[135,1254,1256],{"class":137,"line":1255},48,[135,1257,1258],{"class":276},"# Indicates if a particular path is secure. Does no checks on parent\n",[135,1260,1262],{"class":137,"line":1261},49,[135,1263,1264],{"class":276},"# directories or symlinks.\n",[135,1266,1268,1270,1273],{"class":137,"line":1267},50,[135,1269,900],{"class":899},[135,1271,1272],{"class":903}," is_secure_dir",[135,1274,907],{"class":144},[135,1276,1278,1280],{"class":137,"line":1277},51,[135,1279,912],{"class":141},[135,1281,915],{"class":144},[135,1283,1285],{"class":137,"line":1284},52,[135,1286,265],{"emptyLinePlaceholder":7},[135,1288,1290],{"class":137,"line":1289},53,[135,1291,1292],{"class":276},"  # We use owner uid and permissions mode, from path's i-node\n",[135,1294,1296,1298],{"class":137,"line":1295},54,[135,1297,912],{"class":141},[135,1299,1300],{"class":144}," ($dummy1, $dummy2, $mode, $dummy3, $uid, @dummy4)\n",[135,1302,1304,1307,1309,1311,1313,1315,1318],{"class":137,"line":1303},55,[135,1305,1306],{"class":144},"    = ",[135,1308,528],{"class":282},[135,1310,666],{"class":144},[135,1312,301],{"class":141},[135,1314,304],{"class":144},[135,1316,1317],{"class":294},"\"Can't run lstat, stopped\"",[135,1319,316],{"class":144},[135,1321,1323],{"class":137,"line":1322},56,[135,1324,265],{"emptyLinePlaceholder":7},[135,1326,1328],{"class":137,"line":1327},57,[135,1329,1330],{"class":276},"  # Fail if file is owned by someone besides current user or root\n",[135,1332,1334,1336,1338,1340],{"class":137,"line":1333},58,[135,1335,1005],{"class":141},[135,1337,1068],{"class":144},[135,1339,935],{"class":141},[135,1341,1342],{"class":144}," $uid != $> && $uid != 0;\n",[135,1344,1346],{"class":137,"line":1345},59,[135,1347,265],{"emptyLinePlaceholder":7},[135,1349,1351],{"class":137,"line":1350},60,[135,1352,1353],{"class":276},"  # Fail if file has group or world write permissions\n",[135,1355,1357,1359,1361,1363],{"class":137,"line":1356},61,[135,1358,1005],{"class":141},[135,1360,1068],{"class":144},[135,1362,935],{"class":141},[135,1364,1365],{"class":144}," S_IWGRP & $mode || S_IWOTH & $mode;\n",[135,1367,1369],{"class":137,"line":1368},62,[135,1370,265],{"emptyLinePlaceholder":7},[135,1372,1374,1376],{"class":137,"line":1373},63,[135,1375,1005],{"class":141},[135,1377,1378],{"class":144}," 1;\n",[135,1380,1382],{"class":137,"line":1381},64,[135,1383,1014],{"class":144},[39,1385,1386],{},"When checking directories, it is important to traverse from the root directory to the leaf directory to avoid a dangerous race condition whereby an attacker who can write to at least one of the directories would rename and re-create a directory after the privilege verification of subdirectories but before the verification of the tampered directory. An attacker could use this race condition to fool the algorithm into falsely reporting that a path is secure.",[39,1388,1389],{},"If the path contains any symbolic links, the code will recursively invoke itself on the linked-to directory and ensure it is also secure. A symlinked directory may be secure if and only if both its source and linked-to directory are secure.",[39,1391,1392],{},"On POSIX systems, disabling group and world write access to a directory prevents modification by anyone other than the owner of the directory and the system administrator; consequently, this function checks that each path lacks group or world write permissions. It also checks that a file is owned by either the user running the program or the system administrator. This is a reasonable definition of a secure path, but it could do other checks as well, such as the following:",[211,1394,1395,1398,1401,1404],{},[214,1396,1397],{},"checking group IDs",[214,1399,1400],{},"checking the file's sticky bit",[214,1402,1403],{},"checking that the file has only one hard link",[214,1405,1406],{},"permitting a set of trusted users in addition to the current user",[39,1408,1409],{},"This code is effective only on file systems that are fully compatible with POSIX file access permissions; it may behave incorrectly for file systems with other permission mechanisms such as AFS. It is designed to prevent untrusted users from creating race conditions based on the file system. It does not prevent race conditions in which both accesses to a file are performed by the user or the superuser.",[39,1411,1412,1413,1415,1416,1418],{},"The following compliant solution uses the ",[49,1414,834],{}," method to ensure that an attacker cannot tamper with the file to be opened and subsequently removed. Note that once the path name of a directory has been checked using ",[49,1417,834],{}," , all further file operations on that file must be performed using the same path. No race conditions are possible involving untrusted users, and so there is no need to perform any check after the open; the only remaining check necessary is the check that the file is a regular file.",[243,1420,1421],{"quality":838},[126,1422,1424],{"className":248,"code":1423,"language":250,"meta":131,"style":131},"use Carp;\n\nmy $file = $ARGV[0]; # provided by user\n\ncroak \"Not a secure path\" if !is_secure_path( $file);\n\n# Check that file is regular\nmy $mode = (lstat($file))[2] or croak \"Can't run lstat\";\ncroak \"Not a regular file\" if (S_IFREG & $mode) == 0;\n\nopen( my $in, \"\u003C\", $file) or croak \"Can't open file\";\n# ... work with FILE and close it\n",[49,1425,1426,1432,1436,1445,1449,1461,1465,1469,1488,1498,1502,1524],{"__ignoreMap":131},[135,1427,1428,1430],{"class":137,"line":138},[135,1429,257],{"class":141},[135,1431,260],{"class":144},[135,1433,1434],{"class":137,"line":153},[135,1435,265],{"emptyLinePlaceholder":7},[135,1437,1438,1440,1443],{"class":137,"line":165},[135,1439,270],{"class":141},[135,1441,1442],{"class":144}," $file = $ARGV[0]; ",[135,1444,277],{"class":276},[135,1446,1447],{"class":137,"line":177},[135,1448,265],{"emptyLinePlaceholder":7},[135,1450,1451,1453,1456,1458],{"class":137,"line":319},[135,1452,404],{"class":144},[135,1454,1455],{"class":294},"\"Not a secure path\"",[135,1457,410],{"class":141},[135,1459,1460],{"class":144}," !is_secure_path( $file);\n",[135,1462,1463],{"class":137,"line":378},[135,1464,265],{"emptyLinePlaceholder":7},[135,1466,1467],{"class":137,"line":401},[135,1468,375],{"class":276},[135,1470,1471,1473,1475,1477,1480,1482,1484,1486],{"class":137,"line":416},[135,1472,270],{"class":141},[135,1474,383],{"class":144},[135,1476,528],{"class":282},[135,1478,1479],{"class":144},"($file))[2] ",[135,1481,301],{"class":141},[135,1483,304],{"class":144},[135,1485,537],{"class":294},[135,1487,316],{"class":144},[135,1489,1490,1492,1494,1496],{"class":137,"line":421},[135,1491,404],{"class":144},[135,1493,407],{"class":294},[135,1495,410],{"class":141},[135,1497,413],{"class":144},[135,1499,1500],{"class":137,"line":446},[135,1501,265],{"emptyLinePlaceholder":7},[135,1503,1504,1506,1508,1510,1512,1514,1516,1518,1520,1522],{"class":137,"line":578},[135,1505,283],{"class":282},[135,1507,286],{"class":144},[135,1509,270],{"class":141},[135,1511,291],{"class":144},[135,1513,295],{"class":294},[135,1515,298],{"class":144},[135,1517,301],{"class":141},[135,1519,304],{"class":144},[135,1521,441],{"class":294},[135,1523,316],{"class":144},[135,1525,1526],{"class":137,"line":711},[135,1527,322],{"class":276},[57,1529,1531],{"id":1530},"exceptions","Exceptions",[39,1533,1534,1538],{},[1535,1536,1537],"strong",{},"FIO00:EX0"," : This recommendation does not apply to programs that run on a system with one user or where all the users are trusted.",[57,1540,1542],{"id":1541},"risk-assessment","Risk Assessment",[39,1544,1545],{},"Performing operations on files in shared directories can result in DoS attacks. If the program has elevated privileges, privilege escalation exploits are possible.",[1547,1548,1549,1568],"table",{},[1550,1551,1552],"thead",{},[1553,1554,1555,1558,1560,1562,1564,1566],"tr",{},[1556,1557],"th",{},[1556,1559],{},[1556,1561],{},[1556,1563],{},[1556,1565],{},[1556,1567],{},[1569,1570,1571,1592],"tbody",{},[1553,1572,1573,1577,1580,1583,1586,1589],{},[1574,1575,1576],"td",{},"Recommendation",[1574,1578,1579],{},"Severity",[1574,1581,1582],{},"Likelihood",[1574,1584,1585],{},"Remediation Cost",[1574,1587,1588],{},"Priority",[1574,1590,1591],{},"Level",[1553,1593,1594,1597,1600,1603,1605,1608],{},[1574,1595,1596],{},"FIO01-PL",[1574,1598,1599],{},"Medium",[1574,1601,1602],{},"Unlikely",[1574,1604,1599],{},[1574,1606,1607],{},"P4",[1574,1609,1610],{},"L3",[57,1612,1614],{"id":1613},"automated-detection","Automated Detection",[1547,1616,1617,1630],{},[1618,1619,1620,1624,1626,1628],"colgroup",{},[1621,1622],"col",{"style":1623},"width: 25%",[1621,1625],{"style":1623},[1621,1627],{"style":1623},[1621,1629],{"style":1623},[1569,1631,1632,1652],{},[1553,1633,1636,1641,1644,1649],{"className":1634},[1635],"header",[1556,1637,1638],{},[39,1639,1640],{},"Tool",[1556,1642,1643],{},"Version",[1556,1645,1646],{},[39,1647,1648],{},"Checker",[1556,1650,1651],{},"Description",[1553,1653,1656,1664,1674,1679],{"className":1654},[1655],"odd",[1574,1657,1658],{},[39,1659,1660],{},[107,1661,1663],{"href":1662},"\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fsecurity-reviewer-static-reviewer","Security Reviewer - Static Reviewer",[1574,1665,1666],{},[1667,1668,1671],"div",{"className":1669},[1670],"content-wrapper",[39,1672,1673],{},"6.02",[1574,1675,1676],{},[39,1677,1678],{},"PERL_S33",[1574,1680,1681],{},"Fully implemented",[57,1683,1685],{"id":1684},"related-guidelines","Related Guidelines",[1547,1687,1688,1696],{},[1550,1689,1690],{},[1553,1691,1692,1694],{},[1556,1693],{},[1556,1695],{},[1569,1697,1698,1711,1724],{},[1553,1699,1700,1705],{},[1574,1701,1702],{},[107,1703,1704],{"href":17},"SEI CERT C Coding Standard",[1574,1706,1707],{},[107,1708,1710],{"href":1709},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio15-c","FIO15-C. Ensure that file operations are performed in a secure directory",[1553,1712,1713,1718],{},[1574,1714,1715],{},[107,1716,1717],{"href":20},"SEI CERT C++ Coding Standard",[1574,1719,1720],{},[107,1721,1723],{"href":1722},"\u002Fsei-cert-cpp-coding-standard\u002Fthe-void\u002Fvoid-3-recommendations\u002Fvoid-rec-07-input-output-fio\u002Fvoid-fio15-cpp-ensure-that-file-operations-are-performed-in-a-secure-directory","VOID FIO15-CPP. Ensure that file operations are performed in a secure directory",[1553,1725,1726,1731],{},[1574,1727,1728],{},[107,1729,1730],{"href":23},"CERT Oracle Secure Coding Standard for Java",[1574,1732,1733],{},[107,1734,1736],{"href":1735},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio00-j","FIO00-J. Do not operate on files in shared directories",[57,1738,1740],{"id":1739},"bibliography","Bibliography",[1547,1742,1745,1752],{"className":1743},[1744],"wrapped",[1618,1746,1747,1750],{},[1621,1748],{"style":1749},"width: 50%",[1621,1751],{"style":1749},[1569,1753,1754,1774,1785,1797,1811,1825],{},[1553,1755,1757,1767],{"className":1756},[1635],[1556,1758,1761,1762,1766],{"className":1759},[1760],"nohighlight","[ ",[107,1763,1765],{"href":1764},"\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-CPAN","CPAN"," ]",[1556,1768,1770],{"className":1769},[1760],[107,1771,1773],{"href":1772},"http:\u002F\u002Fsearch.cpan.org\u002F%7Erjbs\u002Fperl-5.16.0\u002Fext\u002FPOSIX\u002Flib\u002FPOSIX.pod","POSIX",[1553,1775,1777,1782],{"className":1776},[1655],[1574,1778,1761,1779,1766],{},[107,1780,121],{"href":1781},"https:\u002F\u002Fwww.securecoding.cert.org\u002Fconfluence\u002Fdisplay\u002Fseccode\u002FAA.+Bibliography#AABibliography-Garfinkel96",[1574,1783,1784],{},"Section 5.6, \"Device files\"",[1553,1786,1789,1794],{"className":1787},[1788],"even",[1574,1790,1761,1791,1766],{},[107,1792,110],{"href":1793},"https:\u002F\u002Fwww.securecoding.cert.org\u002Fconfluence\u002Fdisplay\u002Fseccode\u002FAA.+Bibliography#AABibliography-Howard02",[1574,1795,1796],{},"Chapter 11, \"Canonical Representation Issues\"",[1553,1798,1800,1806],{"className":1799},[1655],[1574,1801,1761,1802,1766],{},[107,1803,1805],{"href":1804},"\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-OpenGroup08","Open Group 08",[1574,1807,1808],{},[1809,1810],"br",{},[1553,1812,1814,1820],{"className":1813},[1788],[1574,1815,1761,1816,1766],{},[107,1817,1819],{"href":1818},"http:\u002F\u002Fwww.kb.cert.org\u002Fvuls\u002Fid\u002F570952","VU#570952",[1574,1821,1822],{},[107,1823,1824],{"href":1818},"Redhat Linux diskcheck.pl creates predictable temporary file and fails to check for existing symbolic link of same name",[1553,1826,1828,1834],{"className":1827},[1655],[1574,1829,1761,1830,1766],{},[107,1831,1833],{"href":1832},"\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-Manpages","Wall 2011",[1574,1835,1836],{},[107,1837,1839],{"href":1838},"http:\u002F\u002Fperldoc.perl.org\u002Fperlfunc.html","perlfunc",[1841,1842],"hr",{},[39,1844,1845,1852,1853,1852,1859],{},[107,1846,1848],{"href":1847},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio\u002Ffio00-pl",[1849,1850],"img",{"src":1851},"\u002Fattachments\u002F88890562\u002F88892207.png"," ",[107,1854,1856],{"href":1855},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio\u002F",[1849,1857],{"src":1858},"\u002Fattachments\u002F88890562\u002F88892209.png",[107,1860,1862],{"href":1861},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002F",[1849,1863],{"src":1864},"\u002Fattachments\u002F88890562\u002F88892208.png",[1866,1867,1868],"style",{},"html pre.shiki code .sC2Qs, html code.shiki .sC2Qs{--shiki-default:#D73A49;--shiki-dark:#F97583;--shiki-sepia:#F92672}html pre.shiki code .sMOD_, html code.shiki .sMOD_{--shiki-default:#24292E;--shiki-dark:#E1E4E8;--shiki-sepia:#F8F8F2}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html .sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html.sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html pre.shiki code .s8-w5, html code.shiki .s8-w5{--shiki-default:#6A737D;--shiki-dark:#6A737D;--shiki-sepia:#88846F}html pre.shiki code .sTrkL, html code.shiki .sTrkL{--shiki-default:#005CC5;--shiki-dark:#79B8FF;--shiki-sepia:#66D9EF}html pre.shiki code .sstjo, html code.shiki .sstjo{--shiki-default:#032F62;--shiki-dark:#9ECBFF;--shiki-sepia:#E6DB74}html pre.shiki code .sq6CD, html code.shiki .sq6CD{--shiki-default:#D73A49;--shiki-default-font-style:inherit;--shiki-dark:#F97583;--shiki-dark-font-style:inherit;--shiki-sepia:#66D9EF;--shiki-sepia-font-style:italic}html pre.shiki code .srTi1, html code.shiki .srTi1{--shiki-default:#6F42C1;--shiki-dark:#B392F0;--shiki-sepia:#A6E22E}html pre.shiki code .sFxd3, html code.shiki .sFxd3{--shiki-default:#032F62;--shiki-dark:#DBEDFF;--shiki-sepia:#E6DB74}",{"title":131,"searchDepth":153,"depth":153,"links":1870},[1871,1872,1873,1874,1875,1876,1878,1879,1880,1881,1882,1883,1884],{"id":59,"depth":153,"text":60},{"id":80,"depth":153,"text":81},{"id":196,"depth":153,"text":197},{"id":228,"depth":153,"text":229},{"id":328,"depth":153,"text":329},{"id":458,"depth":153,"text":1877},"Noncompliant Code Example ( lstat() )",{"id":586,"depth":153,"text":587},{"id":819,"depth":153,"text":820},{"id":1530,"depth":153,"text":1531},{"id":1541,"depth":153,"text":1542},{"id":1613,"depth":153,"text":1614},{"id":1684,"depth":153,"text":1685},{"id":1739,"depth":153,"text":1740},"md",{"tags":1887},[1888,1889],"recommendation","fio","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio\u002Ffio01-pl",{"title":30,"description":41},"7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F4.file-input-and-output-fio\u002F3.fio01-pl","KB5zO0gZCOH5XlhkE8f7ZqNhjIyRW5OSf8v0-8w-jEE",[1895,1898],{"title":1896,"path":1847,"stem":1897,"children":-1},"FIO00-PL. Do not use bareword file handles","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F4.file-input-and-output-fio\u002F2.fio00-pl",{"title":1899,"path":1900,"stem":1901,"children":-1},"Input Validation and Data Sanitization (IDS)","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F5.input-validation-and-data-sanitization-ids\u002F1.index",[1903],{"title":1904,"path":1905,"stem":1906,"children":1907},"SEI CERT Perl Coding Standard","\u002Fsei-cert-perl-coding-standard","7.sei-cert-perl-coding-standard\u002F1.index",[1908,1909,1964,2093,2231],{"title":1904,"path":1905,"stem":1906},{"title":1910,"path":1911,"stem":1912,"children":1913},"Front Matter","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F1.index",[1914,1915,1919],{"title":1910,"path":1911,"stem":1912},{"title":1916,"path":1917,"stem":1918},"Deprecations","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fdeprecations","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F2.deprecations",{"title":1920,"path":1921,"stem":1922,"children":1923},"Introduction","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F01.index",[1924,1925,1929,1933,1937,1941,1945,1949,1952,1956,1960],{"title":1920,"path":1921,"stem":1922},{"title":1926,"path":1927,"stem":1928},"Scope","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fscope","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F01.scope",{"title":1930,"path":1931,"stem":1932},"Tool Selection and Validation","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Ftool-selection-and-validation","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F02.tool-selection-and-validation",{"title":1934,"path":1935,"stem":1936},"Rules versus Recommendations","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Frules-versus-recommendations","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F03.rules-versus-recommendations",{"title":1938,"path":1939,"stem":1940},"Development Process","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fdevelopment-process","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F04.development-process",{"title":1942,"path":1943,"stem":1944},"Usage","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fusage","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F05.usage",{"title":1946,"path":1947,"stem":1948},"System Qualities","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fsystem-qualities","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F06.system-qualities",{"title":1542,"path":1950,"stem":1951},"\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Frisk-assessment","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F07.risk-assessment",{"title":1953,"path":1954,"stem":1955},"Source Code Validation","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fsource-code-validation","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F08.source-code-validation",{"title":1957,"path":1958,"stem":1959},"Automatically Generated Code","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fautomatically-generated-code","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F09.automatically-generated-code",{"title":1961,"path":1962,"stem":1963},"Acknowledgements","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Facknowledgements","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F11.acknowledgements",{"title":1965,"path":1966,"stem":1967,"children":1968},"Rules","\u002Fsei-cert-perl-coding-standard\u002Frules","7.sei-cert-perl-coding-standard\u002F3.rules\u002F1.index",[1969,1970,1988,2012,2022,2051,2055,2069,2079],{"title":1965,"path":1966,"stem":1967},{"title":1971,"path":1972,"stem":1973,"children":1974},"Declarations and Initialization (DCL)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F1.index",[1975,1976,1980,1984],{"title":1971,"path":1972,"stem":1973},{"title":1977,"path":1978,"stem":1979},"DCL30-PL. Do not import deprecated modules","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F2.dcl30-pl",{"title":1981,"path":1982,"stem":1983},"DCL31-PL. Do not overload reserved keywords or subroutines","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F3.dcl31-pl",{"title":1985,"path":1986,"stem":1987},"DCL33-PL. Declare identifiers before using them","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl33-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F4.dcl33-pl",{"title":1989,"path":1990,"stem":1991,"children":1992},"Expressions (EXP)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F1.index",[1993,1994,1996,2000,2004,2008],{"title":1989,"path":1990,"stem":1991},{"title":240,"path":239,"stem":1995},"7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F2.exp30-pl",{"title":1997,"path":1998,"stem":1999},"EXP31-PL. Do not suppress or ignore exceptions","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F3.exp31-pl",{"title":2001,"path":2002,"stem":2003},"EXP32-PL. Do not ignore function return values","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F4.exp32-pl",{"title":2005,"path":2006,"stem":2007},"EXP33-PL. Do not invoke a function in a context for which it is not defined","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp33-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F5.exp33-pl",{"title":2009,"path":2010,"stem":2011},"EXP35-PL. Use the correct operator type for comparing values","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp35-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F6.exp35-pl",{"title":2013,"path":2014,"stem":2015,"children":2016},"File Input and Output (FIO)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Ffile-input-and-output-fio","7.sei-cert-perl-coding-standard\u002F3.rules\u002F4.file-input-and-output-fio\u002F1.index",[2017,2018],{"title":2013,"path":2014,"stem":2015},{"title":2019,"path":2020,"stem":2021},"FIO30-PL. Use compatible character encodings when performing network or file I\u002FO","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Ffile-input-and-output-fio\u002Ffio30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F4.file-input-and-output-fio\u002F2.fio30-pl",{"title":1899,"path":2023,"stem":2024,"children":2025},"\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F1.index",[2026,2027,2031,2035,2039,2043,2047],{"title":1899,"path":2023,"stem":2024},{"title":2028,"path":2029,"stem":2030},"IDS30-PL. Exclude user input from format strings","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F2.ids30-pl",{"title":2032,"path":2033,"stem":2034},"IDS31-PL. Do not use the two-argument form of open()","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F3.ids31-pl",{"title":2036,"path":2037,"stem":2038},"IDS32-PL. Validate any integer that is used as an array index","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F4.ids32-pl",{"title":2040,"path":2041,"stem":2042},"IDS33-PL. Sanitize untrusted data passed across a trust boundary","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids33-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F5.ids33-pl",{"title":2044,"path":2045,"stem":2046},"IDS34-PL. Do not pass untrusted, unsanitized data to a command interpreter","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids34-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F6.ids34-pl",{"title":2048,"path":2049,"stem":2050},"IDS35-PL. Do not invoke the eval form with a string argument","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids35-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F7.ids35-pl",{"title":2052,"path":2053,"stem":2054},"Integers (INT)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fintegers-int","7.sei-cert-perl-coding-standard\u002F3.rules\u002F6.integers-int",{"title":2056,"path":2057,"stem":2058,"children":2059},"Miscellaneous (MSC)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fmiscellaneous-msc","7.sei-cert-perl-coding-standard\u002F3.rules\u002F7.miscellaneous-msc\u002F1.index",[2060,2061,2065],{"title":2056,"path":2057,"stem":2058},{"title":2062,"path":2063,"stem":2064},"MSC31-PL. Do not embed global statements","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F7.miscellaneous-msc\u002F2.msc31-pl",{"title":2066,"path":2067,"stem":2068},"MSC32-PL. Do not provide a module's version value from outside the module","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F7.miscellaneous-msc\u002F3.msc32-pl",{"title":2070,"path":2071,"stem":2072,"children":2073},"Object-Oriented Programming (OOP)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fobject-oriented-programming-oop","7.sei-cert-perl-coding-standard\u002F3.rules\u002F8.object-oriented-programming-oop\u002F1.index",[2074,2075],{"title":2070,"path":2071,"stem":2072},{"title":2076,"path":2077,"stem":2078},"OOP32-PL. Prohibit indirect object call syntax","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fobject-oriented-programming-oop\u002Foop32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F8.object-oriented-programming-oop\u002F2.oop32-pl",{"title":2080,"path":2081,"stem":2082,"children":2083},"Strings (STR)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str","7.sei-cert-perl-coding-standard\u002F3.rules\u002F9.strings-str\u002F1.index",[2084,2085,2089],{"title":2080,"path":2081,"stem":2082},{"title":2086,"path":2087,"stem":2088},"STR30-PL. Capture variables should be read only immediately after a successful regex match","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str\u002Fstr30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F9.strings-str\u002F2.str30-pl",{"title":2090,"path":2091,"stem":2092},"STR31-PL. Do not pass string literals to functions expecting regexes","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str\u002Fstr31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F9.strings-str\u002F3.str31-pl",{"title":2094,"path":2095,"stem":2096,"children":2097},"Recommendations","\u002Fsei-cert-perl-coding-standard\u002Frecommendations","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F1.index",[2098,2099,2128,2161,2168,2177,2190,2215,2228],{"title":2094,"path":2095,"stem":2096},{"title":1971,"path":2100,"stem":2101,"children":2102},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F1.index",[2103,2104,2108,2112,2116,2120,2124],{"title":1971,"path":2100,"stem":2101},{"title":2105,"path":2106,"stem":2107},"DCL00-PL. Do not use subroutine prototypes","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F2.dcl00-pl",{"title":2109,"path":2110,"stem":2111},"DCL01-PL. Do not reuse variable names in subscopes","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F3.dcl01-pl",{"title":2113,"path":2114,"stem":2115},"DCL02-PL. Any modified punctuation variable should be declared local","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl02-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F4.dcl02-pl",{"title":2117,"path":2118,"stem":2119},"DCL03-PL. Do not read a foreach iterator variable after the loop has completed","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl03-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F5.dcl03-pl",{"title":2121,"path":2122,"stem":2123},"DCL04-PL. Always initialize local variables","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl04-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F6.dcl04-pl",{"title":2125,"path":2126,"stem":2127},"DCL05-PL. Prohibit Perl4 package names","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl05-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F7.dcl05-pl",{"title":1989,"path":2129,"stem":2130,"children":2131},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F1.index",[2132,2133,2137,2141,2145,2149,2153,2157],{"title":1989,"path":2129,"stem":2130},{"title":2134,"path":2135,"stem":2136},"EXP00-PL. Do not return undef","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F2.exp00-pl",{"title":2138,"path":2139,"stem":2140},"EXP01-PL. Do not depend on the return value of functions that lack a return statement","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F3.exp01-pl",{"title":2142,"path":2143,"stem":2144},"EXP03-PL. Do not diminish the benefits of constants by assuming their values in expressions","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp03-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F4.exp03-pl",{"title":2146,"path":2147,"stem":2148},"EXP04-PL. Do not mix the early-precedence logical operators with late-precedence logical operators","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp04-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F5.exp04-pl",{"title":2150,"path":2151,"stem":2152},"EXP06-PL. Do not use an array in an implicit scalar context","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp06-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F6.exp06-pl",{"title":2154,"path":2155,"stem":2156},"EXP07-PL. Do not modify $_ in list or sorting functions","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp07-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F7.exp07-pl",{"title":2158,"path":2159,"stem":2160},"EXP08-PL. Do not use the one-argument form of select()","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp08-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F8.exp08-pl",{"title":2013,"path":2162,"stem":2163,"children":2164},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F4.file-input-and-output-fio\u002F1.index",[2165,2166,2167],{"title":2013,"path":2162,"stem":2163},{"title":1896,"path":1847,"stem":1897},{"title":30,"path":1890,"stem":1892},{"title":1899,"path":1900,"stem":1901,"children":2169},[2170,2171,2173],{"title":1899,"path":1900,"stem":1901},{"title":816,"path":815,"stem":2172},"7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F5.input-validation-and-data-sanitization-ids\u002F2.ids00-pl",{"title":2174,"path":2175,"stem":2176},"IDS01-PL. Use taint mode while being aware of its limitations","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F5.input-validation-and-data-sanitization-ids\u002F3.ids01-pl",{"title":2052,"path":2178,"stem":2179,"children":2180},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fintegers-int","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F6.integers-int\u002F1.index",[2181,2182,2186],{"title":2052,"path":2178,"stem":2179},{"title":2183,"path":2184,"stem":2185},"INT00-PL. Do not prepend leading zeroes to integer literals","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F6.integers-int\u002F2.int00-pl",{"title":2187,"path":2188,"stem":2189},"INT01-PL. Use small integers when precise computation is required","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F6.integers-int\u002F3.int01-pl",{"title":2056,"path":2191,"stem":2192,"children":2193},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F1.index",[2194,2195,2199,2203,2207,2211],{"title":2056,"path":2191,"stem":2192},{"title":2196,"path":2197,"stem":2198},"MSC00-PL. Detect and remove dead code","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F2.msc00-pl",{"title":2200,"path":2201,"stem":2202},"MSC01-PL. Detect and remove unused variables","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F3.msc01-pl",{"title":2204,"path":2205,"stem":2206},"MSC02-PL. Run programs with full warnings and strict checking","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc02-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F4.msc02-pl",{"title":2208,"path":2209,"stem":2210},"MSC03-PL. Do not use select() to sleep","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc03-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F5.msc03-pl",{"title":2212,"path":2213,"stem":2214},"MSC04-PL. Do not use comma to separate statements","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc04-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F6.msc04-pl",{"title":2070,"path":2216,"stem":2217,"children":2218},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fobject-oriented-programming-oop","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F8.object-oriented-programming-oop\u002F1.index",[2219,2220,2224],{"title":2070,"path":2216,"stem":2217},{"title":2221,"path":2222,"stem":2223},"OOP00-PL. Do not signify inheritence at runtime","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fobject-oriented-programming-oop\u002Foop00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F8.object-oriented-programming-oop\u002F2.oop00-pl",{"title":2225,"path":2226,"stem":2227},"OOP01-PL. Do not access private variables or subroutines in other packages","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fobject-oriented-programming-oop\u002Foop01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F8.object-oriented-programming-oop\u002F3.oop01-pl",{"title":2080,"path":2229,"stem":2230},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fstrings-str","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F9.strings-str",{"title":2232,"path":2233,"stem":2234,"children":2235},"Back Matter","\u002Fsei-cert-perl-coding-standard\u002Fback-matter","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F1.index",[2236,2237,2240,2268],{"title":2232,"path":2233,"stem":2234},{"title":2238,"path":109,"stem":2239},"AA. Bibliography","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F2.aa-bibliography",{"title":2241,"path":2242,"stem":2243,"children":2244},"BB. Analyzers","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F1.index",[2245,2246,2250,2254,2258,2262,2264],{"title":2241,"path":2242,"stem":2243},{"title":2247,"path":2248,"stem":2249},"Critic","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fcritic","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F2.critic",{"title":2251,"path":2252,"stem":2253},"Critic_V","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fcritic_v","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F3.critic_v",{"title":2255,"path":2256,"stem":2257},"Lint","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Flint","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F4.lint",{"title":2259,"path":2260,"stem":2261},"Lint_V","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Flint_v","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F5.lint_v",{"title":1663,"path":1662,"stem":2263},"7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F6.security-reviewer-static-reviewer",{"title":2265,"path":2266,"stem":2267},"Security Reviewer - Static Reviewer_V","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fsecurity-reviewer-static-reviewer_v","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F7.security-reviewer-static-reviewer_v",{"title":2269,"path":2270,"stem":2271},"CC. Risk Assessments","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fcc-risk-assessments","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F4.cc-risk-assessments",1775657794534]