NAME¶

Perl::Critic::Policy::Community::OpenArgs - Always use the three-argument form of open

DESCRIPTION¶

The open() function may be called in a two-argument form where the filename is parsed to determine the mode of opening, which may include piping input or output. (In the one-argument form, this filename is retrieved from a global variable, but the same magic is used.) This can lead to vulnerabilities if the filename is retrieved from user input or could begin or end with a special character. The three-argument form specifies the open mode as the second argument, so it is always distinct from the filename.

  open FILE;                   # not ok
  open my $fh, "<$filename";   # not ok
  open my $fh, '<', $filename; # ok

This policy is similar to the core policy Perl::Critic::Policy::InputOutput::ProhibitTwoArgOpen, but additionally prohibits one-argument opens.

AFFILIATION¶

This policy is part of Perl::Critic::Community.

CONFIGURATION¶

This policy is not configurable except for the standard options.

AUTHOR¶

Dan Book, "dbook@cpan.org"

COPYRIGHT AND LICENSE¶

This library is free software; you may redistribute it and/or modify it under the terms of the Artistic License version 2.0.

Source file:	Perl::Critic::Policy::Community::OpenArgs.3pm.en.gz (from perl-Perl-Critic-Community 1.0.3-1.8)
Source last updated:	2022-07-25T03:07:33Z
Converted to HTML:	2024-12-25T01:26:34Z