Provided by: libperl-critic-freenode-perl_0.028-1_all
Perl::Critic::Policy::Freenode::OpenArgs - Always use the three-argument form of open
The "open()" function may be called in a two-argument form where the filename is parsed to determine the mode of opening, which may include piping input or output. (In the one- argument form, this filename is retrieved from a global variable, but the same magic is used.) This can lead to vulnerabilities if the filename is retrieved from user input or could begin or end with a special character. The three-argument form specifies the open mode as the second argument, so it is always distinct from the filename. open FILE; # not ok open my $fh, "<$filename"; # not ok open my $fh, '<', $filename; # ok This policy is similar to the core policy Perl::Critic::Policy::InputOutput::ProhibitTwoArgOpen, but additionally prohibits one- argument opens.
This policy is part of Perl::Critic::Freenode.
This policy is not configurable except for the standard options.
Dan Book, "email@example.com"
COPYRIGHT AND LICENSE
Copyright 2015, Dan Book. This library is free software; you may redistribute it and/or modify it under the terms of the Artistic License version 2.0.
Perl::Critic perl v5.28.1 2018-12-Perl::Critic::Policy::Freenode::OpenArgs(3pm)