Skip Menu |
 

Preferred bug tracker

Please visit the preferred bug tracker to report your issue.

This queue is for tickets about the Perl-Critic CPAN distribution.

Report information
The Basics
Id: 20465
Status: open
Priority: 0/
Queue: Perl-Critic

People
Owner: Nobody in particular
Requestors: jjore [...] cpan.org
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



Subject: Magic <> should be a warning
MIME-Version: 1.0
X-Mailer: MIME-tools 5.418 (Entity 5.418)
Content-Type: text/plain; charset="utf8"
Content-Disposition: inline
Content-Transfer-Encoding: binary
X-RT-Original-Encoding: utf-8
Content-Length: 279
Download (untitled) / with headers
text/plain 279b
All uses of <>, readline(ARGV), <ARGV> should be a warning. This uses a two-arg open internally which means that if it was ever given a file named something heinous, perl would do bad things. chomp( my $out = <> ); while (<>) { chomp; $out .= ", $_"; } print $out, "\n";
MIME-Version: 1.0
X-Mailer: MIME-tools 5.418 (Entity 5.418)
Content-Disposition: inline
Message-Id: <rt-3.6.HEAD-18691-1160076118-469.20465-0-0 [...] rt.cpan.org>
Content-Type: text/plain; charset="utf8"
Content-Transfer-Encoding: binary
X-RT-Original-Encoding: utf-8
X-RT-Original-Encoding: utf-8
Content-Length: 569
Download (untitled) / with headers
text/plain 569b
On Fri Jul 14 17:25:58 2006, JJORE wrote: Show quoted text
> All uses of <>, readline(ARGV), <ARGV> should be a warning. This uses > a two-arg open internally which means that if it was ever given a file > named something heinous, perl would do bad things. > > chomp( my $out = <> ); > while (<>) { > chomp; > $out .= ", $_"; > } > print $out, "\n";
Hmm, this is a good idea. Additionally, this should be filed against Perl itself. Does Perl 5.9.x still use two-arg open for this? I'm trying to read the Perl_nextargv function in doio.c in 5.9.4 and I can't figure it out.
CC: JJORE [...] cpan.org
MIME-Version: 1.0
X-Spam-Status: No, hits=-2.4 required=8.0 tests=BAYES_00,DK_SIGNED,DK_VERIFIED,DNS_FROM_RFC_ABUSE,SPF_PASS
In-Reply-To: <rt-3.6.HEAD-18691-1160076118-469.20465-6-0 [...] rt.cpan.org>
Content-Disposition: inline
Received-SPF: pass (x1.develooper.com: domain of twists [...] gmail.com designates 64.233.166.178 as permitted sender)
References: <RT-Ticket-20465 [...] rt.cpan.org> <rt-3.6.HEAD-18691-1160076118-469.20465-6-0 [...] rt.cpan.org>
Content-Type: text/plain; charset="utf-8"; format="flowed"
X-RT-Original-Encoding: ISO-8859-1
Received: from la.mx.develooper.com (x1.develooper.com [63.251.223.170]) by diesel.bestpractical.com (Postfix) with SMTP id 0C38D4D80CC for <bug-Perl-Critic [...] rt.cpan.org>; Thu, 5 Oct 2006 15:46:02 -0400 (EDT)
Received: (qmail 7199 invoked by alias); 5 Oct 2006 19:46:02 -0000
Received: from py-out-1112.google.com (HELO py-out-1112.google.com) (64.233.166.178) by la.mx.develooper.com (qpsmtpd/0.28) with ESMTP; Thu, 05 Oct 2006 12:46:00 -0700
Received: by py-out-1112.google.com with SMTP id t32so838502pyc for <bug-Perl-Critic [...] rt.cpan.org>; Thu, 05 Oct 2006 12:45:55 -0700 (PDT)
Received: by 10.35.43.10 with SMTP id v10mr4220029pyj; Thu, 05 Oct 2006 12:45:55 -0700 (PDT)
Received: by 10.35.124.10 with HTTP; Thu, 5 Oct 2006 12:45:55 -0700 (PDT)
Delivered-To: cpan-bug+perl-critic [...] diesel.bestpractical.com
Subject: Re: [rt.cpan.org #20465] Magic <> should be a warning
Domainkey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=tv1F/wPLvdyGYZQVstFz7zdFlHqbakG1Oq7pp4SMqNUM3fMyO8cVOmREmga/h7T+CC9HExiJg053mDTWztsawV9P1/S5WXKyKQtMualillhY1hNTxO9zELpDpu2jpp0a+LgkzOfd6XV2NGGW8Ns5DvVr0M0h96SoZ33J9jaZTyM=
Return-Path: <twists [...] gmail.com>
X-Spam-Check-BY: la.mx.develooper.com
X-Original-To: bug-Perl-Critic [...] rt.cpan.org
Date: Thu, 5 Oct 2006 14:45:55 -0500
Message-Id: <dc5c751d0610051245g6a628eedgc91489b57c1fd6e0 [...] mail.gmail.com>
To: bug-Perl-Critic [...] rt.cpan.org
Content-Transfer-Encoding: 7bit
From: "Joshua ben Jore" <twists [...] gmail.com>
X-RT-Original-Encoding: utf-8
RT-Message-ID: <rt-3.6.HEAD-18697-1160077566-809.20465-0-0 [...] rt.cpan.org>
Content-Length: 1095
On 10/5/06, via RT <bug-Perl-Critic@rt.cpan.org> wrote: Show quoted text
> > <URL: http://rt.cpan.org/Ticket/Display.html?id=20465 > > > On Fri Jul 14 17:25:58 2006, JJORE wrote:
> > All uses of <>, readline(ARGV), <ARGV> should be a warning. This uses > > a two-arg open internally which means that if it was ever given a file > > named something heinous, perl would do bad things. > > > > chomp( my $out = <> ); > > while (<>) { > > chomp; > > $out .= ", $_"; > > } > > print $out, "\n";
> > Hmm, this is a good idea. Additionally, this should be filed against > Perl itself. Does Perl 5.9.x still use two-arg open for this? I'm > trying to read the Perl_nextargv function in doio.c in 5.9.4 and I can't > figure it out.
Sure does. I keep meaning to file a bug report that files named friendly thingsl ike "<< EXTRA! EXTRA! >>" can't be opened by perl because of this feature but wanted to send a patch with it at the same time and I didn't get around to understanding the code to do it. I wanted to say "... understand the code _well enough_ ..." but it was hairy and I never really got it. Josh


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.