October 2014 – Mastering Perl

More fun with the diamond operator

In The double diamond, a more secure <>, I showed how the diamond operator treated some characters as special when it tried to open the filenames in @ARGV. I used a file name that ended with a | to read the output for an external command.

Thinking about it more, I realized the problem is even worse. Opening an external command to read the output might even be useful. What if I start the filename with > to open a file for writing, but not only writing, to truncate it to? Continue reading “More fun with the diamond operator”

The double diamond, a more secure <>

We’ve had the three argument open since Perl 5.6. This allows us to separate the way we want to interact with the file from the filename. There’s a place where we don’t get to choose, but Perl 5.22 might introduce a new operator to handle that. Continue reading “The double diamond, a more secure <>“

The Data::Dumper stack smash (fixed)

Problems with data serializers was a major change to Mastering Perl. The Storable issue with malformed inputs was known for a long time but nobody much cared about it. Now it’s Data::Dumper‘s turn. Continue reading “The Data::Dumper stack smash (fixed)”