[{"data":1,"prerenderedAt":833},["ShallowReactive",2],{"global-navigation":3,"page-\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str\u002Fstr31-pl":28,"surround-\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str\u002Fstr31-pl":448,"sidebar-sei-cert-perl-coding-standard":456},[4,8],{"title":5,"path":6,"_path":6,"fromAppConfig":7},"Home","\u002F",true,{"title":9,"path":10,"children":11,"_path":27,"fromAppConfig":7},"Coding Standards","\u002Fcoding-standards\u002F",[12,15,18,21,24],{"title":13,"path":14},"Android Coding Standard","\u002Fandroid-secure-coding-standard\u002F",{"title":16,"path":17},"C Coding Standard","\u002Fsei-cert-c-coding-standard\u002F",{"title":19,"path":20},"C++ Coding Standard","\u002Fsei-cert-cpp-coding-standard\u002F",{"title":22,"path":23},"Java Coding Standard","\u002Fsei-cert-oracle-coding-standard-for-java\u002F",{"title":25,"path":26},"Perl Coding Standard","\u002Fsei-cert-perl-coding-standard\u002F","\u002Fcoding-standards",{"id":29,"title":30,"body":31,"description":438,"extension":439,"meta":440,"navigation":7,"path":444,"seo":445,"stem":446,"__hash__":447},"content\u002F7.sei-cert-perl-coding-standard\u002F3.rules\u002F9.strings-str\u002F3.str31-pl.md","STR31-PL. Do not pass string literals to functions expecting regexes",{"type":32,"value":33,"toc":430},"minimark",[34,38,47,52,55,109,120,124,149,190,194,221,251,255,321,325,353,357,402,405,426],[35,36,30],"h1",{"id":37},"str31-pl-do-not-pass-string-literals-to-functions-expecting-regexes",[39,40,41,42,46],"p",{},"Many built-in functions accept a regex pattern as an argument. Furthermore, any subroutine can accept a string yet treat it as a regex pattern. This could be done, for example, by passing the string to the match operator ( ",[43,44,45],"code",{},"m\u002F\u002F"," ). Because regex patterns are encoded as regular strings, it is tempting to assume that a string literal will be treated as if a regex that matched only that string literal were supplied. Unexpected function behavior can result if the string contains characters that have special meanings when the string is treated as a regex pattern. Therefore, do not pass strings that are not clearly regex patterns to a function that takes a regex.",[48,49,51],"h2",{"id":50},"noncompliant-code-example","Noncompliant Code Example",[39,53,54],{},"This code example appears to split a list of names.",[56,57,59],"code-block",{"quality":58},"bad",[60,61,66],"pre",{"className":62,"code":63,"language":64,"meta":65,"style":65},"language-perl shiki shiki-themes github-light github-dark monokai","my $data = 'Tom$Dick$Harry';\nmy @names = split( '$', $data);\n","perl","",[43,67,68,88],{"__ignoreMap":65},[69,70,73,77,81,85],"span",{"class":71,"line":72},"line",1,[69,74,76],{"class":75},"sC2Qs","my",[69,78,80],{"class":79},"sMOD_"," $data = ",[69,82,84],{"class":83},"sstjo","'Tom$Dick$Harry'",[69,86,87],{"class":79},";\n",[69,89,91,93,96,100,103,106],{"class":71,"line":90},2,[69,92,76],{"class":75},[69,94,95],{"class":79}," @names = ",[69,97,99],{"class":98},"sTrkL","split",[69,101,102],{"class":79},"( ",[69,104,105],{"class":83},"'$'",[69,107,108],{"class":79},", $data);\n",[39,110,111,112,115,116,119],{},"But the first argument to ",[43,113,114],{},"split()"," is treated as a regex pattern. Because ",[43,117,118],{},"$"," indicates the end of the string, no splitting occurs.",[48,121,123],{"id":122},"compliant-solution","Compliant Solution",[39,125,126,127,129,130,132,133,136,137,140,141,144,145,148],{},"This compliant solution passes a regex pattern to ",[43,128,114],{}," as the first argument, properly specifying ",[43,131,118],{}," as a raw character. Consequently, ",[43,134,135],{},"@names"," is assigned the three names ",[43,138,139],{},"Tom"," , ",[43,142,143],{},"Dick"," , and ",[43,146,147],{},"Harry"," .",[56,150,152],{"quality":151},"good",[60,153,155],{"className":62,"code":154,"language":64,"meta":65,"style":65},"my $data = 'Tom$Dick$Harry';\nmy @names = split( m\u002F\\$\u002F, $data);\n",[43,156,157,167],{"__ignoreMap":65},[69,158,159,161,163,165],{"class":71,"line":72},[69,160,76],{"class":75},[69,162,80],{"class":79},[69,164,84],{"class":83},[69,166,87],{"class":79},[69,168,169,171,173,175,177,180,182,186,188],{"class":71,"line":90},[69,170,76],{"class":75},[69,172,95],{"class":79},[69,174,99],{"class":98},[69,176,102],{"class":79},[69,178,179],{"class":98},"m",[69,181,6],{"class":83},[69,183,185],{"class":184},"sHuvb","\\$",[69,187,6],{"class":83},[69,189,108],{"class":79},[48,191,193],{"id":192},"exceptions","Exceptions",[39,195,196,200,201,208,209,213,214,217,218,220],{},[197,198,199],"strong",{},"STR31-PL-EX0"," : A string literal may be passed to a function if it normally takes a regex pattern but provides special behavior for that string. For example, the ",[202,203,207],"a",{"href":204,"rel":205},"http:\u002F\u002Fperldoc.perl.org\u002Fperlfunc.html",[206],"nofollow","perlfunc"," manpage [ ",[202,210,212],{"href":211},"\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-Manpages","Wall 2011"," ] says, regarding ",[43,215,216],{},"PATTERN"," , the first argument to ",[43,219,114],{}," :",[222,223,224],"blockquote",{},[39,225,226,227,233,234,238,239,244,245,250],{},"As a special case, specifying a PATTERN of space ( ",[228,229,230],"em",{},[43,231,232],{},"    ' '   "," ) will split on white space just as \" ",[228,235,236],{},[43,237,99],{}," \" with no arguments does. Thus, \" ",[228,240,241],{},[43,242,243],{},"    split(' ')   "," \" can be used to emulate awk's default behavior, whereas \" ",[228,246,247],{},[43,248,249],{},"    split(\u002F \u002F)   "," \" will give you as many initial null fields (empty string) as there are leading spaces.",[48,252,254],{"id":253},"risk-assessment","Risk Assessment",[256,257,258,259,258,289],"table",{},"\n  ",[260,261,262,263,258],"thead",{},"\n    ",[264,265,266,267,266,271,266,274,266,277,266,280,266,283,266,286,262],"tr",{},"\n      ",[268,269,270],"th",{},"Rule",[268,272,273],{},"Severity",[268,275,276],{},"Likelihood",[268,278,279],{},"Detectable",[268,281,282],{},"Repairable",[268,284,285],{},"Priority",[268,287,288],{},"Level",[290,291,262,292,258],"tbody",{},[264,293,266,294,266,298,266,301,266,304,266,307,266,309,266,316,262],{},[295,296,297],"td",{},"STR31-PL",[295,299,300],{},"Low",[295,302,303],{},"Likely",[295,305,306],{},"Yes",[295,308,306],{},[295,310,312],{"style":311},"color: #f1c40f;",[313,314,315],"b",{},"P9",[295,317,318],{"style":311},[313,319,320],{},"L2",[48,322,324],{"id":323},"automated-detection","Automated Detection",[256,326,327,335],{},[260,328,329],{},[264,330,331,333],{},[268,332],{},[268,334],{},[290,336,337,345],{},[264,338,339,342],{},[295,340,341],{},"Tool",[295,343,344],{},"Diagnostic",[264,346,347,350],{},[295,348,349],{},"Perl::Critic",[295,351,352],{},"BuiltinFunctions::ProhibitStringySplit",[48,354,356],{"id":355},"bibliography","Bibliography",[256,358,359,367],{},[260,360,361],{},[264,362,363,365],{},[268,364],{},[268,366],{},[290,368,369,391],{},[264,370,371,379],{},[295,372,373,374,378],{},"[ ",[202,375,377],{"href":376},"\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-CPAN","CPAN"," ]",[295,380,381,386,387],{},[202,382,385],{"href":383,"rel":384},"http:\u002F\u002Fsearch.cpan.org\u002F%7Eelliotjs\u002FPerl-Critic-1.116\u002F",[206],"Elliot Shank, Perl-Critic-1.116"," ",[202,388,352],{"href":389,"rel":390},"http:\u002F\u002Fsearch.cpan.org\u002Fdist\u002FPerl-Critic\u002Flib\u002FPerl\u002FCritic\u002FPolicy\u002FSubroutines\u002FProhibitSubroutinePrototypes.pm",[206],[264,392,393,397],{},[295,394,373,395,378],{},[202,396,212],{"href":211},[295,398,399],{},[202,400,207],{"href":204,"rel":401},[206],[403,404],"hr",{},[39,406,407,386,414,386,420],{},[202,408,410],{"href":409},"\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str\u002Fstr30-pl",[411,412],"img",{"src":413},"\u002Fattachments\u002F88890562\u002F88892207.png",[202,415,417],{"href":416},"\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str\u002F",[411,418],{"src":419},"\u002Fattachments\u002F88890562\u002F88892209.png",[202,421,423],{"href":422},"\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fobject-oriented-programming-oop\u002F",[411,424],{"src":425},"\u002Fattachments\u002F88890562\u002F88892208.png",[427,428,429],"style",{},"html pre.shiki code .sC2Qs, html code.shiki .sC2Qs{--shiki-default:#D73A49;--shiki-dark:#F97583;--shiki-sepia:#F92672}html pre.shiki code .sMOD_, html code.shiki .sMOD_{--shiki-default:#24292E;--shiki-dark:#E1E4E8;--shiki-sepia:#F8F8F2}html pre.shiki code .sstjo, html code.shiki .sstjo{--shiki-default:#032F62;--shiki-dark:#9ECBFF;--shiki-sepia:#E6DB74}html pre.shiki code .sTrkL, html code.shiki .sTrkL{--shiki-default:#005CC5;--shiki-dark:#79B8FF;--shiki-sepia:#66D9EF}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html .sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html.sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html pre.shiki code .sHuvb, html code.shiki .sHuvb{--shiki-default:#22863A;--shiki-default-font-weight:bold;--shiki-dark:#85E89D;--shiki-dark-font-weight:bold;--shiki-sepia:#AE81FF;--shiki-sepia-font-weight:inherit}",{"title":65,"searchDepth":90,"depth":90,"links":431},[432,433,434,435,436,437],{"id":50,"depth":90,"text":51},{"id":122,"depth":90,"text":123},{"id":192,"depth":90,"text":193},{"id":253,"depth":90,"text":254},{"id":323,"depth":90,"text":324},{"id":355,"depth":90,"text":356},"Many built-in functions accept a regex pattern as an argument. Furthermore, any subroutine can accept a string yet treat it as a regex pattern. This could be done, for example, by passing the string to the match operator ( m\u002F\u002F ). Because regex patterns are encoded as regular strings, it is tempting to assume that a string literal will be treated as if a regex that matched only that string literal were supplied. Unexpected function behavior can result if the string contains characters that have special meanings when the string is treated as a regex pattern. Therefore, do not pass strings that are not clearly regex patterns to a function that takes a regex.","md",{"tags":441},[442,443],"str","rule","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str\u002Fstr31-pl",{"title":30,"description":438},"7.sei-cert-perl-coding-standard\u002F3.rules\u002F9.strings-str\u002F3.str31-pl","bUfvWkYtUUoZD0959SJLIIEyLkM6DJtM5vaNzzjM44g",[449,452],{"title":450,"path":409,"stem":451,"children":-1},"STR30-PL. Capture variables should be read only immediately after a successful regex match","7.sei-cert-perl-coding-standard\u002F3.rules\u002F9.strings-str\u002F2.str30-pl",{"title":453,"path":454,"stem":455,"children":-1},"Recommendations","\u002Fsei-cert-perl-coding-standard\u002Frecommendations","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F1.index",[457],{"title":458,"path":459,"stem":460,"children":461},"SEI CERT Perl Coding Standard","\u002Fsei-cert-perl-coding-standard","7.sei-cert-perl-coding-standard\u002F1.index",[462,463,518,644,789],{"title":458,"path":459,"stem":460},{"title":464,"path":465,"stem":466,"children":467},"Front Matter","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F1.index",[468,469,473],{"title":464,"path":465,"stem":466},{"title":470,"path":471,"stem":472},"Deprecations","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fdeprecations","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F2.deprecations",{"title":474,"path":475,"stem":476,"children":477},"Introduction","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F01.index",[478,479,483,487,491,495,499,503,506,510,514],{"title":474,"path":475,"stem":476},{"title":480,"path":481,"stem":482},"Scope","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fscope","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F01.scope",{"title":484,"path":485,"stem":486},"Tool Selection and Validation","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Ftool-selection-and-validation","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F02.tool-selection-and-validation",{"title":488,"path":489,"stem":490},"Rules versus Recommendations","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Frules-versus-recommendations","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F03.rules-versus-recommendations",{"title":492,"path":493,"stem":494},"Development Process","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fdevelopment-process","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F04.development-process",{"title":496,"path":497,"stem":498},"Usage","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fusage","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F05.usage",{"title":500,"path":501,"stem":502},"System Qualities","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fsystem-qualities","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F06.system-qualities",{"title":254,"path":504,"stem":505},"\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Frisk-assessment","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F07.risk-assessment",{"title":507,"path":508,"stem":509},"Source Code Validation","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fsource-code-validation","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F08.source-code-validation",{"title":511,"path":512,"stem":513},"Automatically Generated Code","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fautomatically-generated-code","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F09.automatically-generated-code",{"title":515,"path":516,"stem":517},"Acknowledgements","\u002Fsei-cert-perl-coding-standard\u002Ffront-matter\u002Fintroduction\u002Facknowledgements","7.sei-cert-perl-coding-standard\u002F2.front-matter\u002F3.introduction\u002F11.acknowledgements",{"title":519,"path":520,"stem":521,"children":522},"Rules","\u002Fsei-cert-perl-coding-standard\u002Frules","7.sei-cert-perl-coding-standard\u002F3.rules\u002F1.index",[523,524,542,568,578,608,612,626,636],{"title":519,"path":520,"stem":521},{"title":525,"path":526,"stem":527,"children":528},"Declarations and Initialization (DCL)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F1.index",[529,530,534,538],{"title":525,"path":526,"stem":527},{"title":531,"path":532,"stem":533},"DCL30-PL. Do not import deprecated modules","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F2.dcl30-pl",{"title":535,"path":536,"stem":537},"DCL31-PL. Do not overload reserved keywords or subroutines","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F3.dcl31-pl",{"title":539,"path":540,"stem":541},"DCL33-PL. Declare identifiers before using them","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl33-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F2.declarations-and-initialization-dcl\u002F4.dcl33-pl",{"title":543,"path":544,"stem":545,"children":546},"Expressions (EXP)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F1.index",[547,548,552,556,560,564],{"title":543,"path":544,"stem":545},{"title":549,"path":550,"stem":551},"EXP30-PL. Do not use deprecated or obsolete functions or modules","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F2.exp30-pl",{"title":553,"path":554,"stem":555},"EXP31-PL. Do not suppress or ignore exceptions","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F3.exp31-pl",{"title":557,"path":558,"stem":559},"EXP32-PL. Do not ignore function return values","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F4.exp32-pl",{"title":561,"path":562,"stem":563},"EXP33-PL. Do not invoke a function in a context for which it is not defined","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp33-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F5.exp33-pl",{"title":565,"path":566,"stem":567},"EXP35-PL. Use the correct operator type for comparing values","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp35-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F3.expressions-exp\u002F6.exp35-pl",{"title":569,"path":570,"stem":571,"children":572},"File Input and Output (FIO)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Ffile-input-and-output-fio","7.sei-cert-perl-coding-standard\u002F3.rules\u002F4.file-input-and-output-fio\u002F1.index",[573,574],{"title":569,"path":570,"stem":571},{"title":575,"path":576,"stem":577},"FIO30-PL. Use compatible character encodings when performing network or file I\u002FO","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Ffile-input-and-output-fio\u002Ffio30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F4.file-input-and-output-fio\u002F2.fio30-pl",{"title":579,"path":580,"stem":581,"children":582},"Input Validation and Data Sanitization (IDS)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F1.index",[583,584,588,592,596,600,604],{"title":579,"path":580,"stem":581},{"title":585,"path":586,"stem":587},"IDS30-PL. Exclude user input from format strings","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids30-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F2.ids30-pl",{"title":589,"path":590,"stem":591},"IDS31-PL. Do not use the two-argument form of open()","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F3.ids31-pl",{"title":593,"path":594,"stem":595},"IDS32-PL. Validate any integer that is used as an array index","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F4.ids32-pl",{"title":597,"path":598,"stem":599},"IDS33-PL. Sanitize untrusted data passed across a trust boundary","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids33-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F5.ids33-pl",{"title":601,"path":602,"stem":603},"IDS34-PL. Do not pass untrusted, unsanitized data to a command interpreter","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids34-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F6.ids34-pl",{"title":605,"path":606,"stem":607},"IDS35-PL. Do not invoke the eval form with a string argument","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids35-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F5.input-validation-and-data-sanitization-ids\u002F7.ids35-pl",{"title":609,"path":610,"stem":611},"Integers (INT)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fintegers-int","7.sei-cert-perl-coding-standard\u002F3.rules\u002F6.integers-int",{"title":613,"path":614,"stem":615,"children":616},"Miscellaneous (MSC)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fmiscellaneous-msc","7.sei-cert-perl-coding-standard\u002F3.rules\u002F7.miscellaneous-msc\u002F1.index",[617,618,622],{"title":613,"path":614,"stem":615},{"title":619,"path":620,"stem":621},"MSC31-PL. Do not embed global statements","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc31-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F7.miscellaneous-msc\u002F2.msc31-pl",{"title":623,"path":624,"stem":625},"MSC32-PL. Do not provide a module's version value from outside the module","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F7.miscellaneous-msc\u002F3.msc32-pl",{"title":627,"path":628,"stem":629,"children":630},"Object-Oriented Programming (OOP)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fobject-oriented-programming-oop","7.sei-cert-perl-coding-standard\u002F3.rules\u002F8.object-oriented-programming-oop\u002F1.index",[631,632],{"title":627,"path":628,"stem":629},{"title":633,"path":634,"stem":635},"OOP32-PL. Prohibit indirect object call syntax","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fobject-oriented-programming-oop\u002Foop32-pl","7.sei-cert-perl-coding-standard\u002F3.rules\u002F8.object-oriented-programming-oop\u002F2.oop32-pl",{"title":637,"path":638,"stem":639,"children":640},"Strings (STR)","\u002Fsei-cert-perl-coding-standard\u002Frules\u002Fstrings-str","7.sei-cert-perl-coding-standard\u002F3.rules\u002F9.strings-str\u002F1.index",[641,642,643],{"title":637,"path":638,"stem":639},{"title":450,"path":409,"stem":451},{"title":30,"path":444,"stem":446},{"title":453,"path":454,"stem":455,"children":645},[646,647,676,709,722,735,748,773,786],{"title":453,"path":454,"stem":455},{"title":525,"path":648,"stem":649,"children":650},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F1.index",[651,652,656,660,664,668,672],{"title":525,"path":648,"stem":649},{"title":653,"path":654,"stem":655},"DCL00-PL. Do not use subroutine prototypes","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F2.dcl00-pl",{"title":657,"path":658,"stem":659},"DCL01-PL. Do not reuse variable names in subscopes","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F3.dcl01-pl",{"title":661,"path":662,"stem":663},"DCL02-PL. Any modified punctuation variable should be declared local","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl02-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F4.dcl02-pl",{"title":665,"path":666,"stem":667},"DCL03-PL. Do not read a foreach iterator variable after the loop has completed","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl03-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F5.dcl03-pl",{"title":669,"path":670,"stem":671},"DCL04-PL. Always initialize local variables","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl04-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F6.dcl04-pl",{"title":673,"path":674,"stem":675},"DCL05-PL. Prohibit Perl4 package names","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl05-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F2.declarations-and-initialization-dcl\u002F7.dcl05-pl",{"title":543,"path":677,"stem":678,"children":679},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F1.index",[680,681,685,689,693,697,701,705],{"title":543,"path":677,"stem":678},{"title":682,"path":683,"stem":684},"EXP00-PL. Do not return undef","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F2.exp00-pl",{"title":686,"path":687,"stem":688},"EXP01-PL. Do not depend on the return value of functions that lack a return statement","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F3.exp01-pl",{"title":690,"path":691,"stem":692},"EXP03-PL. Do not diminish the benefits of constants by assuming their values in expressions","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp03-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F4.exp03-pl",{"title":694,"path":695,"stem":696},"EXP04-PL. Do not mix the early-precedence logical operators with late-precedence logical operators","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp04-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F5.exp04-pl",{"title":698,"path":699,"stem":700},"EXP06-PL. Do not use an array in an implicit scalar context","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp06-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F6.exp06-pl",{"title":702,"path":703,"stem":704},"EXP07-PL. Do not modify $_ in list or sorting functions","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp07-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F7.exp07-pl",{"title":706,"path":707,"stem":708},"EXP08-PL. Do not use the one-argument form of select()","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp08-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F3.expressions-exp\u002F8.exp08-pl",{"title":569,"path":710,"stem":711,"children":712},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F4.file-input-and-output-fio\u002F1.index",[713,714,718],{"title":569,"path":710,"stem":711},{"title":715,"path":716,"stem":717},"FIO00-PL. Do not use bareword file handles","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio\u002Ffio00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F4.file-input-and-output-fio\u002F2.fio00-pl",{"title":719,"path":720,"stem":721},"FIO01-PL. Do not operate on files that can be modified by untrusted users","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Ffile-input-and-output-fio\u002Ffio01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F4.file-input-and-output-fio\u002F3.fio01-pl",{"title":579,"path":723,"stem":724,"children":725},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F5.input-validation-and-data-sanitization-ids\u002F1.index",[726,727,731],{"title":579,"path":723,"stem":724},{"title":728,"path":729,"stem":730},"IDS00-PL. Canonicalize path names before validating them","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F5.input-validation-and-data-sanitization-ids\u002F2.ids00-pl",{"title":732,"path":733,"stem":734},"IDS01-PL. Use taint mode while being aware of its limitations","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F5.input-validation-and-data-sanitization-ids\u002F3.ids01-pl",{"title":609,"path":736,"stem":737,"children":738},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fintegers-int","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F6.integers-int\u002F1.index",[739,740,744],{"title":609,"path":736,"stem":737},{"title":741,"path":742,"stem":743},"INT00-PL. Do not prepend leading zeroes to integer literals","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F6.integers-int\u002F2.int00-pl",{"title":745,"path":746,"stem":747},"INT01-PL. Use small integers when precise computation is required","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F6.integers-int\u002F3.int01-pl",{"title":613,"path":749,"stem":750,"children":751},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F1.index",[752,753,757,761,765,769],{"title":613,"path":749,"stem":750},{"title":754,"path":755,"stem":756},"MSC00-PL. Detect and remove dead code","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F2.msc00-pl",{"title":758,"path":759,"stem":760},"MSC01-PL. Detect and remove unused variables","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F3.msc01-pl",{"title":762,"path":763,"stem":764},"MSC02-PL. Run programs with full warnings and strict checking","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc02-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F4.msc02-pl",{"title":766,"path":767,"stem":768},"MSC03-PL. Do not use select() to sleep","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc03-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F5.msc03-pl",{"title":770,"path":771,"stem":772},"MSC04-PL. Do not use comma to separate statements","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc04-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F7.miscellaneous-msc\u002F6.msc04-pl",{"title":627,"path":774,"stem":775,"children":776},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fobject-oriented-programming-oop","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F8.object-oriented-programming-oop\u002F1.index",[777,778,782],{"title":627,"path":774,"stem":775},{"title":779,"path":780,"stem":781},"OOP00-PL. Do not signify inheritence at runtime","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fobject-oriented-programming-oop\u002Foop00-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F8.object-oriented-programming-oop\u002F2.oop00-pl",{"title":783,"path":784,"stem":785},"OOP01-PL. Do not access private variables or subroutines in other packages","\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fobject-oriented-programming-oop\u002Foop01-pl","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F8.object-oriented-programming-oop\u002F3.oop01-pl",{"title":637,"path":787,"stem":788},"\u002Fsei-cert-perl-coding-standard\u002Frecommendations\u002Fstrings-str","7.sei-cert-perl-coding-standard\u002F4.recommendations\u002F9.strings-str",{"title":790,"path":791,"stem":792,"children":793},"Back Matter","\u002Fsei-cert-perl-coding-standard\u002Fback-matter","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F1.index",[794,795,799,829],{"title":790,"path":791,"stem":792},{"title":796,"path":797,"stem":798},"AA. Bibliography","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Faa-bibliography","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F2.aa-bibliography",{"title":800,"path":801,"stem":802,"children":803},"BB. Analyzers","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F1.index",[804,805,809,813,817,821,825],{"title":800,"path":801,"stem":802},{"title":806,"path":807,"stem":808},"Critic","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fcritic","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F2.critic",{"title":810,"path":811,"stem":812},"Critic_V","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fcritic_v","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F3.critic_v",{"title":814,"path":815,"stem":816},"Lint","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Flint","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F4.lint",{"title":818,"path":819,"stem":820},"Lint_V","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Flint_v","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F5.lint_v",{"title":822,"path":823,"stem":824},"Security Reviewer - Static Reviewer","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fsecurity-reviewer-static-reviewer","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F6.security-reviewer-static-reviewer",{"title":826,"path":827,"stem":828},"Security Reviewer - Static Reviewer_V","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fbb-analyzers\u002Fsecurity-reviewer-static-reviewer_v","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F3.bb-analyzers\u002F7.security-reviewer-static-reviewer_v",{"title":830,"path":831,"stem":832},"CC. Risk Assessments","\u002Fsei-cert-perl-coding-standard\u002Fback-matter\u002Fcc-risk-assessments","7.sei-cert-perl-coding-standard\u002F5.back-matter\u002F4.cc-risk-assessments",1775657790700]