[{"data":1,"prerenderedAt":1420},["ShallowReactive",2],{"global-navigation":3,"page-\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids31-pl":28,"surround-\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids31-pl":1038,"sidebar-sei-cert-perl-coding-standard":1045},[4,8],{"title":5,"path":6,"_path":6,"fromAppConfig":7},"Home","\u002F",true,{"title":9,"path":10,"children":11,"_path":27,"fromAppConfig":7},"Coding Standards","\u002Fcoding-standards\u002F",[12,15,18,21,24],{"title":13,"path":14},"Android Coding Standard","\u002Fandroid-secure-coding-standard\u002F",{"title":16,"path":17},"C Coding Standard","\u002Fsei-cert-c-coding-standard\u002F",{"title":19,"path":20},"C++ Coding Standard","\u002Fsei-cert-cpp-coding-standard\u002F",{"title":22,"path":23},"Java Coding Standard","\u002Fsei-cert-oracle-coding-standard-for-java\u002F",{"title":25,"path":26},"Perl Coding Standard","\u002Fsei-cert-perl-coding-standard\u002F","\u002Fcoding-standards",{"id":29,"title":30,"body":31,"description":1028,"extension":1029,"meta":1030,"navigation":7,"path":1034,"seo":1035,"stem":1036,"__hash__":1037},"content\u002F7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F3.ids31-pl.md","IDS31-PL. Do not use the two-argument form of open()",{"type":32,"value":33,"toc":1009},"minimark",[34,38,51,73,93,99,104,110,207,210,217,223,293,313,319,325,362,380,386,391,421,430,436,441,473,487,493,497,522,542,546,552,618,645,651,657,690,699,703,706,773,777,886,890,980,983,1005],[35,36,30],"h1",{"id":37},"ids31-pl-do-not-use-the-two-argument-form-of-open",[39,40,41,42,46,47,50],"p",{},"The Perl ",[43,44,45],"code",{},"open()"," function has several forms. The ",[43,48,49],{},"perlfunc(1)"," manpage lists the following:",[52,53,54],"blockquote",{},[39,55,56,57,60,61,63,64,66,67,69,70,72],{},"open FILEHANDLE,EXPR",[58,59],"br",{},"\nopen FILEHANDLE,MODE,EXPR",[58,62],{},"\nopen FILEHANDLE,MODE,EXPR,LIST",[58,65],{},"\nopen FILEHANDLE,MODE,REFERENCE",[58,68],{},"\nopen FILEHANDLE",[58,71],{},"\nOpens the file whose file name is given by EXPR and associates it with FILEHANDLE.",[39,74,75,76,79,80,82,83,85,86,89,90,92],{},"If the ",[43,77,78],{},"MODE"," argument is provided (that is, if ",[43,81,45],{}," is given three or more arguments), the ",[43,84,78],{}," argument indicates if the file is opened for input or output. It can also indicate that rather than opening a file, the system should execute a shell command and treat it as an input file or an output file. If the two-argument form is used, the ",[43,87,88],{},"EXPR"," should contain both the ",[43,91,78],{}," argument and file name to be opened or shell command to be executed.",[39,94,95,96,98],{},"If an attacker can provide a file name argument to be used in the two-argument form of ",[43,97,45],{}," , the attacker can instead provide a shell command, which gets executed by the program.",[100,101,103],"h2",{"id":102},"noncompliant-code-example","Noncompliant Code Example",[39,105,106,107,109],{},"This noncompliant code example uses the two-argument form of ",[43,108,45],{}," .",[111,112,114],"code-block",{"quality":113},"bad",[115,116,121],"pre",{"className":117,"code":118,"language":119,"meta":120,"style":120},"language-perl shiki shiki-themes github-light github-dark monokai","my $filename = # initialize\nopen(my $FILE, $filename) or croak(\"file not found\");\nwhile (\u003C$FILE>) {\n  print \"$filename: $_\";\n};\n","perl","",[43,122,123,140,168,177,201],{"__ignoreMap":120},[124,125,128,132,136],"span",{"class":126,"line":127},"line",1,[124,129,131],{"class":130},"sC2Qs","my",[124,133,135],{"class":134},"sMOD_"," $filename = ",[124,137,139],{"class":138},"s8-w5","# initialize\n",[124,141,143,147,150,152,155,158,161,165],{"class":126,"line":142},2,[124,144,146],{"class":145},"sTrkL","open",[124,148,149],{"class":134},"(",[124,151,131],{"class":130},[124,153,154],{"class":134}," $FILE, $filename) ",[124,156,157],{"class":130},"or",[124,159,160],{"class":134}," croak(",[124,162,164],{"class":163},"sstjo","\"file not found\"",[124,166,167],{"class":134},");\n",[124,169,171,174],{"class":126,"line":170},3,[124,172,173],{"class":130},"while",[124,175,176],{"class":134}," (\u003C$FILE>) {\n",[124,178,180,183,186,189,192,195,198],{"class":126,"line":179},4,[124,181,182],{"class":145},"  print",[124,184,185],{"class":163}," \"",[124,187,188],{"class":134},"$filename",[124,190,191],{"class":163},": ",[124,193,194],{"class":134},"$_",[124,196,197],{"class":163},"\"",[124,199,200],{"class":134},";\n",[124,202,204],{"class":126,"line":203},5,[124,205,206],{"class":134},"};\n",[39,208,209],{},"Although this code clearly expects its file to be opened for reading, the file name might indicate a shell command. It might also indicate a file to be written rather than read.",[100,211,212,213,216],{"id":102},"Noncompliant Code Example ( ",[43,214,215],{},"\u003C"," )",[39,218,219,220,222],{},"This noncompliant code example attempts to mitigate the problem by prepending a ",[43,221,215],{}," to the file name.",[111,224,225],{"quality":113},[115,226,228],{"className":117,"code":227,"language":119,"meta":120,"style":120},"my $filename = # initialize\nopen(my $FILE, \"\u003C$filename\") or croak(\"file not found\");\nwhile (\u003C$FILE>) {\n  print \"$filename: $_\";\n};\n",[43,229,230,238,267,273,289],{"__ignoreMap":120},[124,231,232,234,236],{"class":126,"line":127},[124,233,131],{"class":130},[124,235,135],{"class":134},[124,237,139],{"class":138},[124,239,240,242,244,246,249,252,254,256,259,261,263,265],{"class":126,"line":142},[124,241,146],{"class":145},[124,243,149],{"class":134},[124,245,131],{"class":130},[124,247,248],{"class":134}," $FILE, ",[124,250,251],{"class":163},"\"\u003C",[124,253,188],{"class":134},[124,255,197],{"class":163},[124,257,258],{"class":134},") ",[124,260,157],{"class":130},[124,262,160],{"class":134},[124,264,164],{"class":163},[124,266,167],{"class":134},[124,268,269,271],{"class":126,"line":170},[124,270,173],{"class":130},[124,272,176],{"class":134},[124,274,275,277,279,281,283,285,287],{"class":126,"line":179},[124,276,182],{"class":145},[124,278,185],{"class":163},[124,280,188],{"class":134},[124,282,191],{"class":163},[124,284,194],{"class":134},[124,286,197],{"class":163},[124,288,200],{"class":134},[124,290,291],{"class":126,"line":203},[124,292,206],{"class":134},[39,294,295,296,298,299,302,303,305,306,309,310,312],{},"If ",[43,297,188],{}," begins or ends with ",[43,300,301],{},"|"," , the preceding ",[43,304,215],{}," forces it to be treated as a file name rather than a shell command. This code will not execute a shell command. However, an attacker could cause a program to hang by supplying ",[43,307,308],{},"-"," as the file name, which is interpreted by ",[43,311,45],{}," as reading standard input.",[100,314,212,316,216],{"id":315},"noncompliant-code-example-argv",[43,317,318],{},"\u003CARGV>",[39,320,321,322,324],{},"This noncompliant code example uses the ",[43,323,318],{}," operator.",[111,326,327],{"quality":113},[115,328,330],{"className":117,"code":329,"language":119,"meta":120,"style":120},"while (\u003CARGV>) {\n  print \":: $_\";\n};\n",[43,331,332,345,358],{"__ignoreMap":120},[124,333,334,336,339,342],{"class":126,"line":127},[124,335,173],{"class":130},[124,337,338],{"class":134}," (\u003C",[124,340,341],{"class":145},"ARGV",[124,343,344],{"class":134},">) {\n",[124,346,347,349,352,354,356],{"class":126,"line":142},[124,348,182],{"class":145},[124,350,351],{"class":163}," \":: ",[124,353,194],{"class":134},[124,355,197],{"class":163},[124,357,200],{"class":134},[124,359,360],{"class":126,"line":170},[124,361,206],{"class":134},[39,363,364,365,367,368,371,372,374,375,298,377,379],{},"This code suffers from the same vulnerability as the first noncompliant code example. The ",[43,366,318],{}," operator opens every file provided in the ",[43,369,370],{},"@ARGV"," array and returns a line from each file. Unfortunately, it uses the two-argument form of ",[43,373,45],{}," to accomplish this task. If any element of ",[43,376,370],{},[43,378,301],{}," , it is interpreted as a shell command and executed.",[100,381,212,383,216],{"id":382},"noncompliant-code-example-1",[43,384,385],{},"\u003C>",[39,387,321,388,390],{},[43,389,385],{}," operator, known as the diamond operator.",[111,392,393],{"quality":113},[115,394,396],{"className":117,"code":395,"language":119,"meta":120,"style":120},"while (\u003C>) {\n  print \":: $_\";\n};\n",[43,397,398,405,417],{"__ignoreMap":120},[124,399,400,402],{"class":126,"line":127},[124,401,173],{"class":130},[124,403,404],{"class":134}," (\u003C>) {\n",[124,406,407,409,411,413,415],{"class":126,"line":142},[124,408,182],{"class":145},[124,410,351],{"class":163},[124,412,194],{"class":134},[124,414,197],{"class":163},[124,416,200],{"class":134},[124,418,419],{"class":126,"line":170},[124,420,206],{"class":134},[39,422,423,424,426,427,429],{},"The ",[43,425,385],{}," operator is a synonym for ",[43,428,318],{}," and has the same behavior with the same vulnerability.",[100,431,212,433,216],{"id":432},"noncompliant-code-example-n",[43,434,435],{},"-n",[39,437,321,438,440],{},[43,439,435],{}," argument to Perl.",[111,442,443],{"quality":113},[115,444,448],{"className":445,"code":446,"language":447,"meta":120,"style":120},"language-java shiki shiki-themes github-light github-dark monokai","perl -n 'print \":: $_\\n\";' *\n","java",[43,449,450],{"__ignoreMap":120},[124,451,452,455,457,460,463,467,470],{"class":126,"line":127},[124,453,454],{"class":134},"perl ",[124,456,308],{"class":130},[124,458,459],{"class":134},"n ",[124,461,462],{"class":163},"'print \":: $_",[124,464,466],{"class":465},"s7F3e","\\n",[124,468,469],{"class":163},"\";'",[124,471,472],{"class":130}," *\n",[39,474,475,476,478,479,481,482,484,485,109],{},"This code suffers from the same vulnerability as the previous noncompliant code example. The ",[43,477,435],{}," argument instructs Perl to open every file in the command line (in this case, every file in the current directory) and return a line from each file. If any argument in the command begins or ends with ",[43,480,301],{}," , it is interpreted as a shell command and executed. In this manner, the ",[43,483,435],{}," operator acts exactly like the two-argument form of ",[43,486,45],{},[100,488,212,490,216],{"id":489},"noncompliant-code-example-p",[43,491,492],{},"-p",[39,494,321,495,440],{},[43,496,492],{},[111,498,499],{"quality":113},[115,500,502],{"className":445,"code":501,"language":447,"meta":120,"style":120},"perl -p '$_ = \":: $_\\n\";' *\n",[43,503,504],{"__ignoreMap":120},[124,505,506,508,510,513,516,518,520],{"class":126,"line":127},[124,507,454],{"class":134},[124,509,308],{"class":130},[124,511,512],{"class":134},"p ",[124,514,515],{"class":163},"'$_ = \":: $_",[124,517,466],{"class":465},[124,519,469],{"class":163},[124,521,472],{"class":130},[39,523,475,524,526,527,529,530,532,533,535,536,481,538,484,540,109],{},[43,525,492],{}," argument instructs Perl to open every file in the command line (in this case, every file in the current directory) and return a line from each file. Unlike ",[43,528,435],{}," , ",[43,531,492],{}," also instructs Perl to print the line read (stored in ",[43,534,194],{}," ) at the end of each iteration of its implicit loop. If any argument in the command begins or ends with ",[43,537,301],{},[43,539,435],{},[43,541,45],{},[100,543,545],{"id":544},"compliant-solution","Compliant Solution",[39,547,548,549,551],{},"This compliant solution invokes ",[43,550,45],{}," with three arguments rather than two.",[111,553,555],{"quality":554},"good",[115,556,558],{"className":117,"code":557,"language":119,"meta":120,"style":120},"my $filename = # initialize\nopen(my $FILE, \"\u003C\", $filename) or croak(\"file not found\");\nwhile (\u003C$FILE>) {\n  print \"$filename: $_\";\n};\n",[43,559,560,568,592,598,614],{"__ignoreMap":120},[124,561,562,564,566],{"class":126,"line":127},[124,563,131],{"class":130},[124,565,135],{"class":134},[124,567,139],{"class":138},[124,569,570,572,574,576,578,581,584,586,588,590],{"class":126,"line":142},[124,571,146],{"class":145},[124,573,149],{"class":134},[124,575,131],{"class":130},[124,577,248],{"class":134},[124,579,580],{"class":163},"\"\u003C\"",[124,582,583],{"class":134},", $filename) ",[124,585,157],{"class":130},[124,587,160],{"class":134},[124,589,164],{"class":163},[124,591,167],{"class":134},[124,593,594,596],{"class":126,"line":170},[124,595,173],{"class":130},[124,597,176],{"class":134},[124,599,600,602,604,606,608,610,612],{"class":126,"line":179},[124,601,182],{"class":145},[124,603,185],{"class":163},[124,605,188],{"class":134},[124,607,191],{"class":163},[124,609,194],{"class":134},[124,611,197],{"class":163},[124,613,200],{"class":134},[124,615,616],{"class":126,"line":203},[124,617,206],{"class":134},[39,619,620,621,623,624,626,627,629,630,632,633,635,636,638,639,641,642,644],{},"The three-argument invocations of ",[43,622,45],{}," are not subject to the same vulnerabilities as the two-argument ",[43,625,45],{}," . In this code, ",[43,628,188],{}," is treated as a file name even if it contains characters that are treated specially by the two-argument ",[43,631,45],{}," function. For example, if ",[43,634,188],{}," is specified as ",[43,637,308],{}," , then the three-argument ",[43,640,45],{}," attempts to open a file named ",[43,643,308],{}," rather than opening standard input.",[100,646,647,648,216],{"id":544},"Compliant Solution ( ",[43,649,650],{},"\u003C\u003C>>",[39,652,653,654,656],{},"This compliant solution uses the ",[43,655,650],{}," operator, known as the double diamond operator.",[111,658,659],{"quality":554},[115,660,662],{"className":117,"code":661,"language":119,"meta":120,"style":120},"while (\u003C\u003C>>) {\n  print \":: $_\";\n};\n",[43,663,664,676,686],{"__ignoreMap":120},[124,665,666,668,671,673],{"class":126,"line":127},[124,667,173],{"class":130},[124,669,670],{"class":134}," (",[124,672,650],{"class":163},[124,674,675],{"class":134},") {\n",[124,677,678,681,683],{"class":126,"line":142},[124,679,680],{"class":163},"  print \":: ",[124,682,194],{"class":134},[124,684,685],{"class":163},"\";\n",[124,687,688],{"class":126,"line":170},[124,689,206],{"class":163},[39,691,692,693,695,696,698],{},"The \u003C\u003C>> operator works like the \u003C> operator except for using the three-argument form of ",[43,694,45],{}," (with ",[43,697,580],{}," as the second argument) to accomplish this task.",[100,700,702],{"id":701},"risk-assessment","Risk Assessment",[39,704,705],{},"Failure to handle error codes or other values returned by functions can lead to incorrect program flow and violations of data integrity.",[707,708,709,710,709,740],"table",{},"\n  ",[711,712,713,714,709],"thead",{},"\n    ",[715,716,717,718,717,722,717,725,717,728,717,731,717,734,717,737,713],"tr",{},"\n      ",[719,720,721],"th",{},"Rule",[719,723,724],{},"Severity",[719,726,727],{},"Likelihood",[719,729,730],{},"Detectable",[719,732,733],{},"Repairable",[719,735,736],{},"Priority",[719,738,739],{},"Level",[741,742,713,743,709],"tbody",{},[715,744,717,745,717,749,717,752,717,755,717,758,717,761,717,768,713],{},[746,747,748],"td",{},"IDS31-PL",[746,750,751],{},"high",[746,753,754],{},"likely",[746,756,757],{},"Yes",[746,759,760],{},"No",[746,762,764],{"style":763},"color: #e74c3c;",[765,766,767],"b",{},"P18",[746,769,770],{"style":763},[765,771,772],{},"L1",[100,774,776],{"id":775},"automated-detection","Automated Detection",[707,778,781,794],{"className":779},[780],"wrapped",[782,783,784,788,790,792],"colgroup",{},[785,786],"col",{"style":787},"width: 25%",[785,789],{"style":787},[785,791],{"style":787},[785,793],{"style":787},[741,795,796,816,836,857],{},[715,797,800,805,808,813],{"className":798},[799],"header",[719,801,802],{},[39,803,804],{},"Tool",[719,806,807],{},"Version",[719,809,810],{},[39,811,812],{},"Checker",[719,814,815],{},"Description",[715,817,820,825,828,833],{"className":818},[819],"odd",[746,821,822],{},[39,823,824],{},"Perl::Critic",[746,826,827],{},"5.0",[746,829,830],{},[39,831,832],{},"InputOutput::ProhibitTwoArgOpen",[746,834,835],{},"Implemented",[715,837,840,845,847,855],{"className":838},[839],"even",[746,841,842],{},[39,843,844],{},"B::Lint",[746,846,827],{},[746,848,849],{},[39,850,851,852,854],{},"Use of \u003C>",[58,853],{},"\nUnterminated \u003C> operator",[746,856,835],{},[715,858,860,869,879,884],{"className":859},[819],[746,861,862],{},[39,863,864],{},[865,866,868],"a",{"href":867},"\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fsecurity-reviewer-static-reviewer","Security Reviewer - Static Reviewer",[746,870,871],{},[872,873,876],"div",{"className":874},[875],"content-wrapper",[39,877,878],{},"6.02",[746,880,881],{},[39,882,883],{},"PERL_D88",[746,885,835],{},[100,887,889],{"id":888},"bibliography","Bibliography",[707,891,892,900],{},[711,893,894],{},[715,895,896,898],{},[719,897],{},[719,899],{},[741,901,902,920,935,950,965],{},[715,903,904,912],{},[746,905,906,907,911],{},"[ ",[865,908,910],{"href":909},"\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-VU#948385","VU#272296"," ]",[746,913,914],{},[865,915,919],{"href":916,"rel":917},"http:\u002F\u002Fwww.kb.cert.org\u002Fvuls\u002Fid\u002F272296",[918],"nofollow","AWStats fails to properly filter user-supplied input",[715,921,922,929],{},[746,923,906,924,911],{},[865,925,928],{"href":926,"rel":927},"http:\u002F\u002Fwww.kb.cert.org\u002Fvuls\u002Fid\u002F453475",[918],"VU#453475",[746,930,931],{},[865,932,934],{"href":926,"rel":933},[918],"PGPMail.pl does not adequately validate user input thereby allowing arbitrary command execution",[715,936,937,944],{},[746,938,906,939,911],{},[865,940,943],{"href":941,"rel":942},"http:\u002F\u002Fwww.kb.cert.org\u002Fvuls\u002Fid\u002F496064",[918],"VU#496064",[746,945,946],{},[865,947,949],{"href":941,"rel":948},[918],"ibrow NewsDesk does not securely handle input passed to open()",[715,951,952,959],{},[746,953,906,954,911],{},[865,955,958],{"href":956,"rel":957},"http:\u002F\u002Fwww.kb.cert.org\u002Fvuls\u002Fid\u002F671444",[918],"VU#671444",[746,960,961],{},[865,962,964],{"href":956,"rel":963},[918],"Input validation error in quikstore.cgi allows attackers to execute commands",[715,966,967,973],{},[746,968,906,969,911],{},[865,970,972],{"href":971},"\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-Manpages","Wall 2011",[746,974,975],{},[865,976,979],{"href":977,"rel":978},"http:\u002F\u002Fperldoc.perl.org\u002Fperlfunc.html",[918],"perlfunc",[981,982],"hr",{},[39,984,985,992,993,992,999],{},[865,986,988],{"href":987},"\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids30-pl",[989,990],"img",{"src":991},"\u002Fattachments\u002F88890562\u002F88892207.png"," ",[865,994,996],{"href":995},"\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002F",[989,997],{"src":998},"\u002Fattachments\u002F88890562\u002F88892209.png",[865,1000,1002],{"href":1001},"\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids32-pl",[989,1003],{"src":1004},"\u002Fattachments\u002F88890562\u002F88892208.png",[1006,1007,1008],"style",{},"html pre.shiki code .sC2Qs, html code.shiki .sC2Qs{--shiki-default:#D73A49;--shiki-dark:#F97583;--shiki-sepia:#F92672}html pre.shiki code .sMOD_, html code.shiki .sMOD_{--shiki-default:#24292E;--shiki-dark:#E1E4E8;--shiki-sepia:#F8F8F2}html pre.shiki code .s8-w5, html code.shiki .s8-w5{--shiki-default:#6A737D;--shiki-dark:#6A737D;--shiki-sepia:#88846F}html pre.shiki code .sTrkL, html code.shiki .sTrkL{--shiki-default:#005CC5;--shiki-dark:#79B8FF;--shiki-sepia:#66D9EF}html pre.shiki code .sstjo, html code.shiki .sstjo{--shiki-default:#032F62;--shiki-dark:#9ECBFF;--shiki-sepia:#E6DB74}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html .sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html.sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html pre.shiki code .s7F3e, html code.shiki .s7F3e{--shiki-default:#005CC5;--shiki-dark:#79B8FF;--shiki-sepia:#AE81FF}",{"title":120,"searchDepth":142,"depth":142,"links":1010},[1011,1012,1014,1016,1018,1020,1022,1023,1025,1026,1027],{"id":102,"depth":142,"text":103},{"id":102,"depth":142,"text":1013},"Noncompliant Code Example ( \u003C )",{"id":315,"depth":142,"text":1015},"Noncompliant Code Example ( \u003CARGV> )",{"id":382,"depth":142,"text":1017},"Noncompliant Code Example ( \u003C> )",{"id":432,"depth":142,"text":1019},"Noncompliant Code Example ( -n )",{"id":489,"depth":142,"text":1021},"Noncompliant Code Example ( -p )",{"id":544,"depth":142,"text":545},{"id":544,"depth":142,"text":1024},"Compliant Solution ( \u003C\u003C>> )",{"id":701,"depth":142,"text":702},{"id":775,"depth":142,"text":776},{"id":888,"depth":142,"text":889},"The Perl open() function has several forms. The perlfunc(1) manpage lists the following:","md",{"tags":1031},[1032,1033],"ids","rule","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids31-pl",{"title":30,"description":1028},"7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F3.ids31-pl","hn8TiK4-YYM2E6GYIvMIMq3Gqs6cAYf3oHm0xPecZM8",[1039,1042],{"title":1040,"path":987,"stem":1041,"children":-1},"IDS30-PL. Exclude user input from format strings","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F2.ids30-pl",{"title":1043,"path":1001,"stem":1044,"children":-1},"IDS32-PL. Validate any integer that is used as an array index","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F4.ids32-pl",[1046],{"title":1047,"path":1048,"stem":1049,"children":1050},"SEI CERT Perl Coding Standard","\u002Fsei-cert-perl-coding-standard","7.sei-cert-perl-coding-standard\u002F1.index",[1051,1052,1107,1230,1378],{"title":1047,"path":1048,"stem":1049},{"title":1053,"path":1054,"stem":1055,"children":1056},"Front Matter","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F1.index",[1057,1058,1062],{"title":1053,"path":1054,"stem":1055},{"title":1059,"path":1060,"stem":1061},"Deprecations","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fdeprecations","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F2.deprecations",{"title":1063,"path":1064,"stem":1065,"children":1066},"Introduction","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F01.index",[1067,1068,1072,1076,1080,1084,1088,1092,1095,1099,1103],{"title":1063,"path":1064,"stem":1065},{"title":1069,"path":1070,"stem":1071},"Scope","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fscope","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F01.scope",{"title":1073,"path":1074,"stem":1075},"Tool Selection and Validation","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Ftool-selection-and-validation","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F02.tool-selection-and-validation",{"title":1077,"path":1078,"stem":1079},"Rules versus Recommendations","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Frules-versus-recommendations","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F03.rules-versus-recommendations",{"title":1081,"path":1082,"stem":1083},"Development Process","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fdevelopment-process","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F04.development-process",{"title":1085,"path":1086,"stem":1087},"Usage","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fusage","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F05.usage",{"title":1089,"path":1090,"stem":1091},"System Qualities","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fsystem-qualities","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F06.system-qualities",{"title":702,"path":1093,"stem":1094},"\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Frisk-assessment","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F07.risk-assessment",{"title":1096,"path":1097,"stem":1098},"Source Code Validation","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fsource-code-validation","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F08.source-code-validation",{"title":1100,"path":1101,"stem":1102},"Automatically Generated Code","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fautomatically-generated-code","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F09.automatically-generated-code",{"title":1104,"path":1105,"stem":1106},"Acknowledgements","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Facknowledgements","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F11.acknowledgements",{"title":1108,"path":1109,"stem":1110,"children":1111},"Rules","\u002Fsei-cert-perl-coding-standard\u002Frules","7.sei-cert-perl-coding-standard\u002F3.rules\u002F1.index",[1112,1113,1131,1157,1167,1188,1192,1206,1216],{"title":1108,"path":1109,"stem":1110},{"title":1114,"path":1115,"stem":1116,"children":1117},"Declarations and Initialization (DCL)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F1.index",[1118,1119,1123,1127],{"title":1114,"path":1115,"stem":1116},{"title":1120,"path":1121,"stem":1122},"DCL30-PL. Do not import deprecated modules","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F2.dcl30-pl",{"title":1124,"path":1125,"stem":1126},"DCL31-PL. Do not overload reserved keywords or subroutines","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F3.dcl31-pl",{"title":1128,"path":1129,"stem":1130},"DCL33-PL. Declare identifiers before using them","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl33-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F4.dcl33-pl",{"title":1132,"path":1133,"stem":1134,"children":1135},"Expressions (EXP)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F1.index",[1136,1137,1141,1145,1149,1153],{"title":1132,"path":1133,"stem":1134},{"title":1138,"path":1139,"stem":1140},"EXP30-PL. Do not use deprecated or obsolete functions or modules","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F2.exp30-pl",{"title":1142,"path":1143,"stem":1144},"EXP31-PL. Do not suppress or ignore exceptions","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F3.exp31-pl",{"title":1146,"path":1147,"stem":1148},"EXP32-PL. Do not ignore function return values","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F4.exp32-pl",{"title":1150,"path":1151,"stem":1152},"EXP33-PL. Do not invoke a function in a context for which it is not defined","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp33-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F5.exp33-pl",{"title":1154,"path":1155,"stem":1156},"EXP35-PL. Use the correct operator type for comparing values","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp35-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F6.exp35-pl",{"title":1158,"path":1159,"stem":1160,"children":1161},"File Input and Output (FIO)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Ffile-input-and-output-fio","7.sei-cert-perl-coding-standard\u002F3.rules\u002F4.file-input-and-output-fio\u002F1.index",[1162,1163],{"title":1158,"path":1159,"stem":1160},{"title":1164,"path":1165,"stem":1166},"FIO30-PL. Use compatible character encodings when performing network or file I\u002FO","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Ffile-input-and-output-fio\u002Ffio30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F4.file-input-and-output-fio\u002F2.fio30-pl",{"title":1168,"path":1169,"stem":1170,"children":1171},"Input Validation and Data Sanitization (IDS)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F1.index",[1172,1173,1174,1175,1176,1180,1184],{"title":1168,"path":1169,"stem":1170},{"title":1040,"path":987,"stem":1041},{"title":30,"path":1034,"stem":1036},{"title":1043,"path":1001,"stem":1044},{"title":1177,"path":1178,"stem":1179},"IDS33-PL. Sanitize untrusted data passed across a trust boundary","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids33-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F5.ids33-pl",{"title":1181,"path":1182,"stem":1183},"IDS34-PL. Do not pass untrusted, unsanitized data to a command interpreter","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids34-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F6.ids34-pl",{"title":1185,"path":1186,"stem":1187},"IDS35-PL. Do not invoke the eval form with a string argument","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids35-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F7.ids35-pl",{"title":1189,"path":1190,"stem":1191},"Integers (INT)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fintegers-int","7.sei-cert-perl-coding-standard\u002F3.rules\u002F6.integers-int",{"title":1193,"path":1194,"stem":1195,"children":1196},"Miscellaneous (MSC)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fmiscellaneous-msc","7.sei-cert-perl-coding-standard\u002F3.rules\u002F7.miscellaneous-msc\u002F1.index",[1197,1198,1202],{"title":1193,"path":1194,"stem":1195},{"title":1199,"path":1200,"stem":1201},"MSC31-PL. Do not embed global statements","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F7.miscellaneous-msc\u002F2.msc31-pl",{"title":1203,"path":1204,"stem":1205},"MSC32-PL. Do not provide a module's version value from outside the module","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F7.miscellaneous-msc\u002F3.msc32-pl",{"title":1207,"path":1208,"stem":1209,"children":1210},"Object-Oriented Programming (OOP)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fobject-oriented-programming-oop","7.sei-cert-perl-coding-standard\u002F3.rules\u002F8.object-oriented-programming-oop\u002F1.index",[1211,1212],{"title":1207,"path":1208,"stem":1209},{"title":1213,"path":1214,"stem":1215},"OOP32-PL. Prohibit indirect object call syntax","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fobject-oriented-programming-oop\u002Foop32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F8.object-oriented-programming-oop\u002F2.oop32-pl",{"title":1217,"path":1218,"stem":1219,"children":1220},"Strings (STR)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str","7.sei-cert-perl-coding-standard\u002F3.rules\u002F9.strings-str\u002F1.index",[1221,1222,1226],{"title":1217,"path":1218,"stem":1219},{"title":1223,"path":1224,"stem":1225},"STR30-PL. Capture variables should be read only immediately after a successful regex match","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str\u002Fstr30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F9.strings-str\u002F2.str30-pl",{"title":1227,"path":1228,"stem":1229},"STR31-PL. Do not pass string literals to functions expecting regexes","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str\u002Fstr31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F9.strings-str\u002F3.str31-pl",{"title":1231,"path":1232,"stem":1233,"children":1234},"Recommendations","\u002Fsei-cert-perl-coding-standard\u002Frecommendations","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F1.index",[1235,1236,1265,1298,1311,1324,1337,1362,1375],{"title":1231,"path":1232,"stem":1233},{"title":1114,"path":1237,"stem":1238,"children":1239},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F1.index",[1240,1241,1245,1249,1253,1257,1261],{"title":1114,"path":1237,"stem":1238},{"title":1242,"path":1243,"stem":1244},"DCL00-PL. Do not use subroutine prototypes","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F2.dcl00-pl",{"title":1246,"path":1247,"stem":1248},"DCL01-PL. Do not reuse variable names in subscopes","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F3.dcl01-pl",{"title":1250,"path":1251,"stem":1252},"DCL02-PL. Any modified punctuation variable should be declared local","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl02-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F4.dcl02-pl",{"title":1254,"path":1255,"stem":1256},"DCL03-PL. Do not read a foreach iterator variable after the loop has completed","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl03-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F5.dcl03-pl",{"title":1258,"path":1259,"stem":1260},"DCL04-PL. Always initialize local variables","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl04-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F6.dcl04-pl",{"title":1262,"path":1263,"stem":1264},"DCL05-PL. Prohibit Perl4 package names","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl05-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F7.dcl05-pl",{"title":1132,"path":1266,"stem":1267,"children":1268},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F1.index",[1269,1270,1274,1278,1282,1286,1290,1294],{"title":1132,"path":1266,"stem":1267},{"title":1271,"path":1272,"stem":1273},"EXP00-PL. Do not return undef","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F2.exp00-pl",{"title":1275,"path":1276,"stem":1277},"EXP01-PL. Do not depend on the return value of functions that lack a return statement","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F3.exp01-pl",{"title":1279,"path":1280,"stem":1281},"EXP03-PL. Do not diminish the benefits of constants by assuming their values in expressions","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp03-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F4.exp03-pl",{"title":1283,"path":1284,"stem":1285},"EXP04-PL. Do not mix the early-precedence logical operators with late-precedence logical operators","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp04-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F5.exp04-pl",{"title":1287,"path":1288,"stem":1289},"EXP06-PL. Do not use an array in an implicit scalar context","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp06-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F6.exp06-pl",{"title":1291,"path":1292,"stem":1293},"EXP07-PL. Do not modify $_ in list or sorting functions","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp07-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F7.exp07-pl",{"title":1295,"path":1296,"stem":1297},"EXP08-PL. Do not use the one-argument form of select()","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp08-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F8.exp08-pl",{"title":1158,"path":1299,"stem":1300,"children":1301},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F4.file-input-and-output-fio\u002F1.index",[1302,1303,1307],{"title":1158,"path":1299,"stem":1300},{"title":1304,"path":1305,"stem":1306},"FIO00-PL. Do not use bareword file handles","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio\u002Ffio00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F4.file-input-and-output-fio\u002F2.fio00-pl",{"title":1308,"path":1309,"stem":1310},"FIO01-PL. Do not operate on files that can be modified by untrusted users","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio\u002Ffio01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F4.file-input-and-output-fio\u002F3.fio01-pl",{"title":1168,"path":1312,"stem":1313,"children":1314},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F5.input-validation-and-data-sanitization-ids\u002F1.index",[1315,1316,1320],{"title":1168,"path":1312,"stem":1313},{"title":1317,"path":1318,"stem":1319},"IDS00-PL. Canonicalize path names before validating them","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F5.input-validation-and-data-sanitization-ids\u002F2.ids00-pl",{"title":1321,"path":1322,"stem":1323},"IDS01-PL. Use taint mode while being aware of its limitations","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F5.input-validation-and-data-sanitization-ids\u002F3.ids01-pl",{"title":1189,"path":1325,"stem":1326,"children":1327},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fintegers-int","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F6.integers-int\u002F1.index",[1328,1329,1333],{"title":1189,"path":1325,"stem":1326},{"title":1330,"path":1331,"stem":1332},"INT00-PL. Do not prepend leading zeroes to integer literals","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F6.integers-int\u002F2.int00-pl",{"title":1334,"path":1335,"stem":1336},"INT01-PL. Use small integers when precise computation is required","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F6.integers-int\u002F3.int01-pl",{"title":1193,"path":1338,"stem":1339,"children":1340},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F1.index",[1341,1342,1346,1350,1354,1358],{"title":1193,"path":1338,"stem":1339},{"title":1343,"path":1344,"stem":1345},"MSC00-PL. Detect and remove dead code","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F2.msc00-pl",{"title":1347,"path":1348,"stem":1349},"MSC01-PL. Detect and remove unused variables","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F3.msc01-pl",{"title":1351,"path":1352,"stem":1353},"MSC02-PL. Run programs with full warnings and strict checking","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc02-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F4.msc02-pl",{"title":1355,"path":1356,"stem":1357},"MSC03-PL. Do not use select() to sleep","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc03-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F5.msc03-pl",{"title":1359,"path":1360,"stem":1361},"MSC04-PL. Do not use comma to separate statements","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc04-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F6.msc04-pl",{"title":1207,"path":1363,"stem":1364,"children":1365},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fobject-oriented-programming-oop","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F8.object-oriented-programming-oop\u002F1.index",[1366,1367,1371],{"title":1207,"path":1363,"stem":1364},{"title":1368,"path":1369,"stem":1370},"OOP00-PL. Do not signify inheritence at runtime","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fobject-oriented-programming-oop\u002Foop00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F8.object-oriented-programming-oop\u002F2.oop00-pl",{"title":1372,"path":1373,"stem":1374},"OOP01-PL. Do not access private variables or subroutines in other packages","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fobject-oriented-programming-oop\u002Foop01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F8.object-oriented-programming-oop\u002F3.oop01-pl",{"title":1217,"path":1376,"stem":1377},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fstrings-str","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F9.strings-str",{"title":1379,"path":1380,"stem":1381,"children":1382},"Back Matter","\u002Fsei-cert-perl-coding-standard\u002Fback-matter","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F1.index",[1383,1384,1388,1416],{"title":1379,"path":1380,"stem":1381},{"title":1385,"path":1386,"stem":1387},"AA. Bibliography","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F2.aa-bibliography",{"title":1389,"path":1390,"stem":1391,"children":1392},"BB. Analyzers","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F1.index",[1393,1394,1398,1402,1406,1410,1412],{"title":1389,"path":1390,"stem":1391},{"title":1395,"path":1396,"stem":1397},"Critic","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fcritic","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F2.critic",{"title":1399,"path":1400,"stem":1401},"Critic_V","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fcritic_v","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F3.critic_v",{"title":1403,"path":1404,"stem":1405},"Lint","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Flint","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F4.lint",{"title":1407,"path":1408,"stem":1409},"Lint_V","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Flint_v","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F5.lint_v",{"title":868,"path":867,"stem":1411},"7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F6.security-reviewer-static-reviewer",{"title":1413,"path":1414,"stem":1415},"Security Reviewer - Static Reviewer_V","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fsecurity-reviewer-static-reviewer_v","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F7.security-reviewer-static-reviewer_v",{"title":1417,"path":1418,"stem":1419},"CC. Risk Assessments","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fcc-risk-assessments","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F4.cc-risk-assessments",1775657793486]