summaryrefslogtreecommitdiff
path: root/pod
diff options
context:
space:
mode:
authorPerl 5 Porters <perl5-porters@africa.nicoh.com>1997-09-05 00:00:00 +0000
committerTim Bunce <Tim.Bunce@ig.co.uk>1997-09-05 00:00:00 +0000
commitfb73857aa0bfa8ed43d4d2f972c564c70a57e0c4 (patch)
tree97d2a45b0611b7b171257c2bc54d6532de48ff7f /pod
parent464ed3b648d262825ad1bfc5a2e55de2507fd651 (diff)
parent62b753c6ae4ab9bf22fbb6ec7ceac820bcef8fe4 (diff)
downloadperl-fb73857aa0bfa8ed43d4d2f972c564c70a57e0c4.tar.gz
[inseparable changes from patch to perl 5.004_04]perl-5.004_04
[editor's note: this one imported like a charm!] TESTS - Subject: Improve pragma/locale test 102 - and don't fail, just warn From: Jarkko Hietaniemi <jhi@anna.in-berlin.de> Files: t/pragma/locale.t Subject: Invalid test output in t/op/taint.t in trial 1 From: Dan Sugalski <sugalsd@lbcc.cc.or.us> Files: t/op/taint.t t/op/taint.t prints out invalid ok messages for tests it skips. Rather than printing "ok 136" it prints "136 ok". p5p-msgid: 3.0.3.32.19970919160918.00857a50@stargate.lbcc.cc.or.us UTILITIES - Subject: Perldoc tiny patch to avoid $0 From: Ilya Zakharevich <ilya@math.ohio-state.edu> Files: utils/perldoc.PL Msg-ID: 199709122141.RAA16846@monk.mps.ohio-state.edu (applied based on p5p patch as commit 0b166b6635cf199f072db516b2a523ee659394d5) Subject: h2ph broken in 5.004_02 From: David Mazieres <dm@reeducation-labor.lcs.mit.edu> Files: utils/h2ph.PL Msg-ID: 199708201700.KAA02621@www.chapin.edu (applied based on p5p patch as commit 4a8e146e38ec2045f1f817a7cb578e1b1f80f39f) Subject: add key_t caddr_t to h2ph From: Tony Sanders <sanders@bsdi.com> Files: eg/sysvipc/ipcsem utils/h2ph.PL Msg-ID: 199708272301.RAA12803@austin.bsdi.com (applied based on p5p patch as commit 0806a92ffc3a74ca70aa81051cdf2a306cd0a8af) Subject: perldoc search ., lib and blib/* if -f 'Makefile.PL' From: Tim Bunce <Tim.Bunce@ig.co.uk> Files: utils/perldoc.PL Subject: perldoc finds wrong pod2man (from perldoc source) # We must look both in @INC for library modules and in PATH # for executables, like h2xs or perldoc itself. Unfortunately, searching PATH for installed perl executables like pod2man is INCORRECT. perldoc should start by searching the directory it was executed from, which might not be in the PATH at all. Credited: Joseph "Moof-in'" Hall <joseph@cscaper.com> p5p-msgid: 199708251732.KAA19299@gadget.cscaper.com Subject: 5.004m4t1: perlbug: NIS domainname gets into wrong places From: Andreas J. Koenig <koenig@anna.mind.de> Files: utils/perlbug.PL Msg-ID: sfcg1qy38as.fsf@anna.in-berlin.de (applied based on p5p patch as commit 41f926b844140b7f7eaa9302113e45df3a9f9ff4) Subject: add better local patch info to perlbug From: Tim Bunce <Tim.Bunce@ig.co.uk> Files: utils/perlbug.PL Subject: perldoc - suggest modules if requested module not found From: Anthony David <adavid@netinfo.com.au> Files: utils/perldoc.PL private-msgid: 3439CD83.6969@netinfo.com.au Subject: perldoc mail::foo tries to read binary /usr/ucb/mail From: Tim Bunce <Tim.Bunce@ig.co.uk> Files: utils/perldoc.PL Subject: perldoc weirdness perldoc mail::imap yields: {joseph}:79% perldoc mail::foo can't open /usr/ucb/mail: Permission denied at ./pod2man line 362. Credited: Joseph "Moof-in'" Hall <joseph@cscaper.com> p5p-msgid: 199710082014.NAA00808@gadget.cscaper.com Subject: perldoc -f setpwent (for example) returns no descriptive text From: Tim Bunce <Tim.Bunce@ig.co.uk> Files: utils/perldoc.PL Subject: perldoc diffs: don't search auto - much faster From: "Joseph N. Hall" <joseph@5sigma.com> Files: utils/perldoc.PL Msg-ID: MailDrop1.2d7dPPC.971012211957@screechy.cscaper.com (applied based on p5p patch as commit 62b753c6ae4ab9bf22fbb6ec7ceac820bcef8fe4)
Diffstat (limited to 'pod')
-rw-r--r--pod/perlapio.pod4
-rw-r--r--pod/perldelta.pod2
-rw-r--r--pod/perldiag.pod36
-rw-r--r--pod/perlfunc.pod142
-rw-r--r--pod/perlguts.pod36
-rw-r--r--pod/perlipc.pod6
-rw-r--r--pod/perlop.pod14
-rw-r--r--pod/perlrun.pod9
-rw-r--r--pod/perlsec.pod70
-rw-r--r--pod/perlsub.pod10
-rw-r--r--pod/perlvar.pod103
11 files changed, 312 insertions, 120 deletions
diff --git a/pod/perlapio.pod b/pod/perlapio.pod
index 0db385e388..c963d232f6 100644
--- a/pod/perlapio.pod
+++ b/pod/perlapio.pod
@@ -29,8 +29,8 @@ perlapio - perl's IO abstraction interface.
int PerlIO_fileno(PerlIO *);
PerlIO *PerlIO_fdopen(int, const char *);
- PerlIO *PerlIO_importFILE(FILE *);
- FILE *PerlIO_exportFILE(PerlIO *);
+ PerlIO *PerlIO_importFILE(FILE *, int flags);
+ FILE *PerlIO_exportFILE(PerlIO *, int flags);
FILE *PerlIO_findFILE(PerlIO *);
void PerlIO_releaseFILE(PerlIO *,FILE *);
diff --git a/pod/perldelta.pod b/pod/perldelta.pod
index 8d191e82d7..7400940dca 100644
--- a/pod/perldelta.pod
+++ b/pod/perldelta.pod
@@ -1163,7 +1163,7 @@ increasing order of desperation):
=item "my" variable %s masks earlier declaration in same scope
-(S) A lexical variable has been redeclared in the same scope, effectively
+(W) A lexical variable has been redeclared in the same scope, effectively
eliminating all access to the previous instance. This is almost always
a typographical error. Note that the earlier variable will still exist
until the end of the scope or until all closure referents to it are
diff --git a/pod/perldiag.pod b/pod/perldiag.pod
index a4d9356977..166e046f22 100644
--- a/pod/perldiag.pod
+++ b/pod/perldiag.pod
@@ -35,7 +35,7 @@ if you want to localize a package variable.
=item "my" variable %s masks earlier declaration in same scope
-(S) A lexical variable has been redeclared in the same scope, effectively
+(W) A lexical variable has been redeclared in the same scope, effectively
eliminating all access to the previous instance. This is almost always
a typographical error. Note that the earlier variable will still exist
until the end of the scope or until all closure referents to it are
@@ -594,7 +594,11 @@ for us to go to. See L<perlfunc/goto>.
the closing delimiter was omitted. Because bracketed quotes count nesting
levels, the following is missing its final parenthesis:
- print q(The character '(' starts a side comment.)
+ print q(The character '(' starts a side comment.);
+
+If you're getting this error from a here-document, you may have
+included unseen whitespace before or after your closing tag. A good
+programmer's editor will have a way to help you find these characters.
=item Can't fork
@@ -778,13 +782,16 @@ of suidperl.
=item Can't take log of %g
-(F) Logarithms are defined on only positive real numbers.
+(F) For ordinary real numbers, you can't take the logarithm of a
+negative number or zero. There's a Math::Complex package that comes
+standard with Perl, though, if you really want to do that for
+the negative numbers.
=item Can't take sqrt of %g
(F) For ordinary real numbers, you can't take the square root of a
-negative number. There's a Complex package available for Perl, though,
-if you really want to do that.
+negative number. There's a Math::Complex package that comes standard
+with Perl, though, if you really want to do that.
=item Can't undef active subroutine
@@ -1315,10 +1322,14 @@ See L<perlfunc/sprintf>.
=item Invalid type in pack: '%s'
(F) The given character is not a valid pack type. See L<perlfunc/pack>.
+(W) The given character is not a valid pack type but used to be silently
+ignored.
=item Invalid type in unpack: '%s'
(F) The given character is not a valid unpack type. See L<perlfunc/unpack>.
+(W) The given character is not a valid unpack type but used to be silently
+ignored.
=item ioctl is not implemented
@@ -2015,6 +2026,11 @@ an unintended loop in your inheritance hierarchy.
(W) The internal sv_replace() function was handed a new SV with a
reference count of other than 1.
+=item regexp *+ operand could be empty
+
+(F) The part of the regexp subject to either the * or + quantifier
+could match an empty string.
+
=item regexp memory corruption
(P) The regular expression engine got confused by what the regular
@@ -2082,6 +2098,7 @@ or setgid bit set. This doesn't make much sense.
(F) The lexer couldn't find the final delimiter of a // or m{}
construct. Remember that bracketing delimiters count nesting level.
+Missing the leading C<$> from a variable C<$m> may cause this error.
=item %sseek() on unopened file
@@ -2252,11 +2269,13 @@ L<perlop/"Quote and Quote-like Operators">.
(F) The lexer couldn't find the interior delimiter of a s/// or s{}{}
construct. Remember that bracketing delimiters count nesting level.
+Missing the leading C<$> from variable C<$s> may cause this error.
=item Substitution replacement not terminated
(F) The lexer couldn't find the final delimiter of a s/// or s{}{}
construct. Remember that bracketing delimiters count nesting level.
+Missing the leading C<$> from variable C<$s> may cause this error.
=item substr outside of string
@@ -2413,7 +2432,8 @@ it. See L<perlre>.
=item Translation pattern not terminated
(F) The lexer couldn't find the interior delimiter of a tr/// or tr[][]
-construct.
+or y/// or y[][] construct. Missing the leading C<$> from variables
+C<$tr> or C<$y> may cause this error.
=item Translation replacement not terminated
@@ -2635,6 +2655,10 @@ non-methods. The simple fix for old code is: In any module that used to
depend on inheriting C<AUTOLOAD> for non-methods from a base class named
C<BaseClass>, execute C<*AUTOLOAD = \&BaseClass::AUTOLOAD> during startup.
+In code that currently says C<use AutoLoader; @ISA = qw(AutoLoader);> you
+should remove AutoLoader from @ISA and change C<use AutoLoader;> to
+C<C<use AutoLoader 'AUTOLOAD';>.
+
=item Use of %s is deprecated
(D) The construct indicated is no longer recommended for use, generally
diff --git a/pod/perlfunc.pod b/pod/perlfunc.pod
index 4f3341d911..aa1e82eac8 100644
--- a/pod/perlfunc.pod
+++ b/pod/perlfunc.pod
@@ -551,23 +551,30 @@ omitted, does chroot to $_.
Closes the file or pipe associated with the file handle, returning TRUE
only if stdio successfully flushes buffers and closes the system file
-descriptor. If the file handle came from a piped open C<close> will
-additionally return FALSE if one of the other system calls involved
-fails or if the program exits with non-zero status. (If the problem was
-that the program exited non-zero $! will be set to 0.)
-You don't have to close FILEHANDLE if you are immediately
-going to do another open() on it, because open() will close it for you. (See
+descriptor.
+
+You don't have to close FILEHANDLE if you are immediately going to do
+another open() on it, because open() will close it for you. (See
open().) However, an explicit close on an input file resets the line
-counter ($.), while the implicit close done by open() does not. Also,
-closing a pipe will wait for the process executing on the pipe to
-complete, in case you want to look at the output of the pipe
-afterwards. Closing a pipe explicitly also puts the status value of
-the command into C<$?>. Example:
+counter ($.), while the implicit close done by open() does not.
+
+If the file handle came from a piped open C<close> will additionally
+return FALSE if one of the other system calls involved fails or if the
+program exits with non-zero status. (If the only problem was that the
+program exited non-zero $! will be set to 0.) Also, closing a pipe will
+wait for the process executing on the pipe to complete, in case you
+want to look at the output of the pipe afterwards. Closing a pipe
+explicitly also puts the exit status value of the command into C<$?>.
+Example:
- open(OUTPUT, '|sort >foo'); # pipe to sort
+ open(OUTPUT, '|sort >foo') # pipe to sort
+ or die "Can't start sort: $!";
... # print stuff to output
- close OUTPUT; # wait for sort to finish
- open(INPUT, 'foo'); # get sort's results
+ close OUTPUT # wait for sort to finish
+ or warn $! ? "Error closing sort pipe: $!"
+ : "Exit status $? from sort";
+ open(INPUT, 'foo') # get sort's results
+ or die "Can't open 'foo' for input: $!";
FILEHANDLE may be an expression whose value gives the real filehandle name.
@@ -803,11 +810,28 @@ produce, respectively
See also exit() and warn().
+If LIST is empty and $@ already contains a value (typically from a
+previous eval) that value is reused after appending "\t...propagated".
+This is useful for propagating exceptions:
+
+ eval { ... };
+ die unless $@ =~ /Expected exception/;
+
+If $@ is empty then the string "Died" is used.
+
You can arrange for a callback to be called just before the die() does
its deed, by setting the C<$SIG{__DIE__}> hook. The associated handler
will be called with the error text and can change the error message, if
-it sees fit, by calling die() again. See L<perlvar> for details on
-setting C<%SIG> entries, and eval() for some examples.
+it sees fit, by calling die() again. See L<perlvar/$SIG{expr}> for details on
+setting C<%SIG> entries, and L<"eval BLOCK"> for some examples.
+
+Note that the C<$SIG{__DIE__}> hook is called even inside eval()ed
+blocks/strings. If one wants the hook to do nothing in such
+situations, put
+
+ die @_ if $^S;
+
+as the first line of the handler (see L<perlvar/$^S>).
=item do BLOCK
@@ -830,7 +854,7 @@ from a Perl subroutine library.
is just like
- eval `cat stat.pl`;
+ scalar eval `cat stat.pl`;
except that it's more efficient, more concise, keeps track of the
current filename for error messages, and searches all the B<-I>
@@ -1030,10 +1054,10 @@ in case 6.
=item exec LIST
-The exec() function executes a system command I<AND NEVER RETURNS>,
-unless the command does not exist and is executed directly instead of
-via your system's command shell (see below). Use system() instead of
-exec() if you want it to return.
+The exec() function executes a system command I<AND NEVER RETURNS> -
+use system() instead of exec() if you want it to return. It fails and
+returns FALSE only if the command does not exist I<and> it is executed
+directly instead of via your system's command shell (see below).
If there is more than one argument in LIST, or if LIST is an array with
more than one value, calls execvp(3) with the arguments in LIST. If
@@ -1532,8 +1556,10 @@ supported, it can cause bizarre results if the LIST is not a named
array. Similarly, grep returns aliases into the original list,
much like the way that L<Foreach Loops>'s index variable aliases the list
elements. That is, modifying an element of a list returned by grep
+(for example, in a C<foreach>, C<map> or another C<grep>)
actually modifies the element in the original list.
+See also L</map> for an array composed of the results of the BLOCK or EXPR.
=item hex EXPR
=item hex
@@ -1764,6 +1790,8 @@ In a scalar context, returns the ctime(3) value:
$now_string = localtime; # e.g., "Thu Oct 13 04:54:34 1994"
+This scalar value is B<not> locale dependent, see L<perllocale>,
+but instead a Perl builtin.
Also see the Time::Local module, and the strftime(3) and mktime(3)
function available via the POSIX module.
@@ -1812,6 +1840,12 @@ is just a funny way to write
$hash{getkey($_)} = $_;
}
+Note that, because $_ is a reference into the list value, it can be used
+to modify the elements of the array. While this is useful and
+supported, it can cause bizarre results if the LIST is not a named
+array. See also L</grep> for an array composed of those items of the
+original list for which the BLOCK or EXPR evaluates to true.
+
=item mkdir FILENAME,MODE
Creates the directory specified by FILENAME, with permissions specified
@@ -1932,6 +1966,14 @@ and those that don't is their text file formats. Systems like Unix and
Plan9 that delimit lines with a single character, and that encode that
character in C as '\n', do not need C<binmode>. The rest need it.
+When opening a file, it's usually a bad idea to continue normal execution
+if the request failed, so C<open> is frequently used in connection with
+C<die>. Even if C<die> won't do what you want (say, in a CGI script,
+where you want to make a nicely formatted error message (but there are
+modules which can help with that problem)) you should always check
+the return value from opening a file. The infrequent exception is when
+working with an unopened filehandle is actually what you want to do.
+
Examples:
$ARTICLE = 100;
@@ -1939,12 +1981,16 @@ Examples:
while (<ARTICLE>) {...
open(LOG, '>>/usr/spool/news/twitlog'); # (log is reserved)
+ # if the open fails, output is discarded
- open(DBASE, '+<dbase.mine'); # open for update
+ open(DBASE, '+<dbase.mine') # open for update
+ or die "Can't open 'dbase.mine' for update: $!";
- open(ARTICLE, "caesar <$article |"); # decrypt article
+ open(ARTICLE, "caesar <$article |") # decrypt article
+ or die "Can't start caesar: $!";
- open(EXTRACT, "|sort >/tmp/Tmp$$"); # $$ is our process id
+ open(EXTRACT, "|sort >/tmp/Tmp$$") # $$ is our process id
+ or die "Can't start sort: $!";
# process argument list of files along with any includes
@@ -3060,12 +3106,13 @@ value.) The use of implicit split to @_ is deprecated, however.
If EXPR is omitted, splits the $_ string. If PATTERN is also omitted,
splits on whitespace (after skipping any leading whitespace). Anything
matching PATTERN is taken to be a delimiter separating the fields. (Note
-that the delimiter may be longer than one character.) If LIMIT is
-specified and is not negative, splits into no more than that many fields
-(though it may split into fewer). If LIMIT is unspecified, trailing null
-fields are stripped (which potential users of pop() would do well to
-remember). If LIMIT is negative, it is treated as if an arbitrarily large
-LIMIT had been specified.
+that the delimiter may be longer than one character.)
+
+If LIMIT is specified and is not negative, splits into no more than
+that many fields (though it may split into fewer). If LIMIT is
+unspecified, trailing null fields are stripped (which potential users
+of pop() would do well to remember). If LIMIT is negative, it is
+treated as if an arbitrarily large LIMIT had been specified.
A pattern matching the null string (not to be confused with
a null pattern C<//>, which is just one member of the set of patterns
@@ -3099,7 +3146,7 @@ If you had the entire header of a normal Unix email message in $header,
you could split it up into fields and their values this way:
$header =~ s/\n\s+/ /g; # fix continuation lines
- %hdrs = (UNIX_FROM => split /^(.*?):\s*/m, $header);
+ %hdrs = (UNIX_FROM => split /^(\S*?):\s*/m, $header);
The pattern C</PATTERN/> may be replaced with an expression to specify
patterns that vary at runtime. (To do runtime compilation only once,
@@ -3412,6 +3459,17 @@ like numbers.
Note that Perl supports passing of up to only 14 arguments to your system call,
which in practice should usually suffice.
+Syscall returns whatever value returned by the system call it calls.
+If the system call fails, syscall returns -1 and sets C<$!> (errno).
+Note that some system calls can legitimately return -1. The proper
+way to handle such calls is to assign C<$!=0;> before the call and
+check the value of <$!> if syscall returns -1.
+
+There's a problem with C<syscall(&SYS_pipe)>: it returns the file
+number of the read end of the pipe it creates. There is no way
+to retrieve the file number of the other end. You can avoid this
+problem by using C<pipe> instead.
+
=item sysopen FILEHANDLE,FILENAME,MODE
=item sysopen FILEHANDLE,FILENAME,MODE,PERMS
@@ -3441,12 +3499,12 @@ into that kind of thing.
=item sysread FILEHANDLE,SCALAR,LENGTH
Attempts to read LENGTH bytes of data into variable SCALAR from the
-specified FILEHANDLE, using the system call read(2). It bypasses stdio,
-so mixing this with other kinds of reads, print(), write(), seek(), or
-tell() can cause confusion. Returns the number of bytes actually read,
-or undef if there was an error. SCALAR will be grown or shrunk so that
-the last byte actually read is the last byte of the scalar after the
-read.
+specified FILEHANDLE, using the system call read(2). It bypasses
+stdio, so mixing this with other kinds of reads, print(), write(),
+seek(), or tell() can cause confusion because stdio usually buffers
+data. Returns the number of bytes actually read, or undef if there
+was an error. SCALAR will be grown or shrunk so that the last byte
+actually read is the last byte of the scalar after the read.
An OFFSET may be specified to place the read data at some place in the
string other than the beginning. A negative OFFSET specifies
@@ -3527,14 +3585,16 @@ for details.
Attempts to write LENGTH bytes of data from variable SCALAR to the
specified FILEHANDLE, using the system call write(2). It bypasses
stdio, so mixing this with reads (other than sysread()), print(),
-write(), seek(), or tell() may cause confusion. Returns the number of
-bytes actually written, or undef if there was an error. If the length
-is greater than the available data, only as much data as is available
+write(), seek(), or tell() may cause confusion because stdio usually
+buffers data. Returns the number of bytes actually written, or undef
+if there was an error. If the LENGTH is greater than the available
+data in the SCALAR after the OFFSET, only as much data as is available
will be written.
An OFFSET may be specified to write the data from some part of the
string other than the beginning. A negative OFFSET specifies writing
-that many bytes counting backwards from the end of the string.
+that many bytes counting backwards from the end of the string. In the
+case the SCALAR is empty you can use OFFSET but only zero offset.
=item tell FILEHANDLE
diff --git a/pod/perlguts.pod b/pod/perlguts.pod
index ecf8610756..20a11ac45c 100644
--- a/pod/perlguts.pod
+++ b/pod/perlguts.pod
@@ -1404,7 +1404,7 @@ extensions.
=item AvFILL
-See C<av_len>.
+Same as C<av_len>.
=item av_clear
@@ -1851,6 +1851,11 @@ Prepares a starting point to traverse a hash table.
I32 hv_iterinit _((HV* tb));
+Note that hv_iterinit I<currently> returns the number of I<buckets> in
+the hash and I<not> the number of keys (as indicated in the Advanced
+Perl Programming book). This may change in future. Use the HvKEYS(hv)
+macro to find the number of keys in a hash.
+
=item hv_iterkey
Returns the key from the current position of the hash iterator. See
@@ -2823,6 +2828,35 @@ Dereferences an RV to return the SV.
SV* SvRV (SV* sv);
+=item SvTAINT
+
+Taints an SV if tainting is enabled
+
+ SvTAINT (SV* sv);
+
+=item SvTAINTED
+
+Checks to see if an SV is tainted. Returns TRUE if it is, FALSE if not.
+
+ SvTAINTED (SV* sv);
+
+=item SvTAINTED_off
+
+Untaints an SV. Be I<very> careful with this routine, as it short-circuits
+some of Perl's fundamental security features. XS module authors should
+not use this function unless they fully understand all the implications
+of unconditionally untainting the value. Untainting should be done in
+the standard perl fashion, via a carefully crafted regexp, rather than
+directly untainting variables.
+
+ SvTAINTED_off (SV* sv);
+
+=item SvTAINTED_on
+
+Marks an SV as tainted.
+
+ SvTAINTED_on (SV* sv);
+
=item sv_setiv
Copies an integer into the given SV.
diff --git a/pod/perlipc.pod b/pod/perlipc.pod
index 6b1f2ab335..030463c7a0 100644
--- a/pod/perlipc.pod
+++ b/pod/perlipc.pod
@@ -71,9 +71,9 @@ values are "inherited" by functions called from within that block.)
}
Sending a signal to a negative process ID means that you send the signal
-to the entire Unix process-group. This code send a hang-up signal to all
-processes in the current process group I<except for> the current process
-itself:
+to the entire Unix process-group. This code sends a hang-up signal to all
+processes in the current process group (and sets $SIG{HUP} to IGNORE so
+it doesn't kill itself):
{
local $SIG{HUP} = 'IGNORE';
diff --git a/pod/perlop.pod b/pod/perlop.pod
index 56859029bf..17728df9d3 100644
--- a/pod/perlop.pod
+++ b/pod/perlop.pod
@@ -567,6 +567,15 @@ the same character fore and aft, but the 4 sorts of brackets
s{}{} Substitution yes
tr{}{} Translation no
+Note that there can be whitespace between the operator and the quoting
+characters, except when C<#> is being used as the quoting character.
+C<q#foo#> is parsed as being the string C<foo>, which C<q #foo#> is the
+operator C<q> followed by a comment. Its argument will be taken from the
+next line. This allows you to write:
+
+ s {foo} # Replace foo
+ {bar} # with bar.
+
For constructs that do interpolation, variables beginning with "C<$>" or "C<@>"
are interpolated, as are the following sequences:
@@ -619,9 +628,9 @@ patterns local to the current package are reset.
This usage is vaguely deprecated, and may be removed in some future
version of Perl.
-=item m/PATTERN/gimosx
+=item m/PATTERN/cgimosx
-=item /PATTERN/gimosx
+=item /PATTERN/cgimosx
Searches a string for a pattern match, and in a scalar context returns
true (1) or false (''). If no string is specified via the C<=~> or
@@ -634,6 +643,7 @@ when C<use locale> is in effect.
Options are:
+ c Do not reset search position on a failed match when /g is in effect.
g Match globally, i.e., find all occurrences.
i Do case-insensitive pattern matching.
m Treat string as multiple lines.
diff --git a/pod/perlrun.pod b/pod/perlrun.pod
index 1e3279e374..a847133bb9 100644
--- a/pod/perlrun.pod
+++ b/pod/perlrun.pod
@@ -62,6 +62,11 @@ getting a - instead of a complete switch could cause Perl to try to
execute standard input instead of your script. And a partial B<-I> switch
could also cause odd results.
+Some switches do care if they are processed twice, for instance combinations
+of B<-l> and B<-0>. Either put all the switches after the 32 character
+boundary (if applicable), or replace the use of B<-0>I<digits> by
+C<BEGIN{ $/ = "\0digits"; }>.
+
Parsing of the #! switches starts wherever "perl" is mentioned in the line.
The sequences "-*" and "- " are specifically ignored so that you could,
if you were so inclined, say
@@ -500,7 +505,9 @@ Perl.
allows Perl to do unsafe operations. Currently the only "unsafe"
operations are the unlinking of directories while running as superuser,
and running setuid programs with fatal taint checks turned into
-warnings.
+warnings. Note that the B<-w> switch (or the C<$^W> variable) must
+be used along with this option to actually B<generate> the
+taint-check warnings.
=item B<-v>
diff --git a/pod/perlsec.pod b/pod/perlsec.pod
index 1a1ae21e81..73884790b0 100644
--- a/pod/perlsec.pod
+++ b/pod/perlsec.pod
@@ -18,25 +18,28 @@ user or group IDs. The setuid bit in Unix permissions is mode 04000, the
setgid bit mode 02000; either or both may be set. You can also enable taint
mode explicitly by using the B<-T> command line flag. This flag is
I<strongly> suggested for server programs and any program run on behalf of
-someone else, such as a CGI script.
+someone else, such as a CGI script. Once taint mode is on, it's on for
+the remainder of your script.
While in this mode, Perl takes special precautions called I<taint
checks> to prevent both obvious and subtle traps. Some of these checks
are reasonably simple, such as verifying that path directories aren't
writable by others; careful programmers have always used checks like
these. Other checks, however, are best supported by the language itself,
-and it is these checks especially that contribute to making a setuid Perl
+and it is these checks especially that contribute to making a set-id Perl
program more secure than the corresponding C program.
-You may not use data derived from outside your program to affect something
-else outside your program--at least, not by accident. All command line
-arguments, environment variables, locale information (see L<perllocale>),
-and file input are marked as "tainted". Tainted data may not be used
-directly or indirectly in any command that invokes a sub-shell, nor in any
-command that modifies files, directories, or processes. Any variable set
-within an expression that has previously referenced a tainted value itself
-becomes tainted, even if it is logically impossible for the tainted value
-to influence the variable. Because taintedness is associated with each
+You may not use data derived from outside your program to affect
+something else outside your program--at least, not by accident. All
+command line arguments, environment variables, locale information (see
+L<perllocale>), results of certain system calls (readdir, readlink,
+the gecos field of getpw* calls), and all file input are marked as
+"tainted". Tainted data may not be used directly or indirectly in any
+command that invokes a sub-shell, nor in any command that modifies
+files, directories, or processes. Any variable set
+to a value derived from tainted data will itself be tainted,
+even if it is logically impossible for the tainted data
+to alter the variable. Because taintedness is associated with each
scalar value, some elements of an array can be tainted and others not.
For example:
@@ -90,8 +93,9 @@ doing something like the last example above.
=head2 Laundering and Detecting Tainted Data
To test whether a variable contains tainted data, and whose use would thus
-trigger an "Insecure dependency" message, you can use the following
-I<is_tainted()> function.
+trigger an "Insecure dependency" message, check your nearby CPAN mirror
+for the F<Taint.pm> module, which should become available around November
+1997. Or you may be able to use the following I<is_tainted()> function.
sub is_tainted {
return ! eval {
@@ -172,8 +176,8 @@ makes sure you set the PATH.
It's also possible to get into trouble with other operations that don't
care whether they use tainted values. Make judicious use of the file
tests in dealing with any user-supplied filenames. When possible, do
-opens and such after setting C<$E<gt> = $E<lt>>. (Remember group IDs,
-too!) Perl doesn't prevent you from opening tainted filenames for reading,
+opens and such B<after> properly dropping any special user (or group!)
+privileges. Perl doesn't prevent you from opening tainted filenames for reading,
so be careful what you print out. The tainting mechanism is intended to
prevent stupid mistakes, not to remove the need for thought.
@@ -199,30 +203,36 @@ doing something it shouldn't.
Here's a way to do backticks reasonably safely. Notice how the B<exec> is
not called with a string that the shell could expand. This is by far the
best way to call something that might be subjected to shell escapes: just
-never call the shell at all. By the time we get to the B<exec>, tainting
-is turned off, however, so be careful what you call and what you pass it.
+never call the shell at all.
use English;
- die unless defined $pid = open(KID, "-|");
+ die "Can't fork: $!" unless defined $pid = open(KID, "-|");
if ($pid) { # parent
while (<KID>) {
# do something
}
close KID;
} else {
+ my @temp = ($EUID, $EGID);
$EUID = $UID;
$EGID = $GID; # XXX: initgroups() not called
+ # Make sure privs are really gone
+ ($EUID, $EGID) = @temp;
+ die "Can't drop privileges" unless
+ $UID == $EUID and
+ $GID eq $EGID; # String test
$ENV{PATH} = "/bin:/usr/bin";
- exec 'myprog', 'arg1', 'arg2';
+ exec 'myprog', 'arg1', 'arg2' or
die "can't exec myprog: $!";
}
-A similar strategy would work for wildcard expansion via C<glob>.
+A similar strategy would work for wildcard expansion via C<glob>, although
+you can use C<readdir> instead.
Taint checking is most useful when although you trust yourself not to have
written a program to give away the farm, you don't necessarily trust those
who end up using it not to try to trick it into doing something bad. This
-is the kind of security checking that's useful for setuid programs and
+is the kind of security checking that's useful for set-id programs and
programs launched on someone else's behalf, like CGI programs.
This is quite different, however, from not even trusting the writer of the
@@ -236,28 +246,28 @@ are trapped and namespace access is carefully controlled.
=head2 Security Bugs
Beyond the obvious problems that stem from giving special privileges to
-systems as flexible as scripts, on many versions of Unix, setuid scripts
+systems as flexible as scripts, on many versions of Unix, set-id scripts
are inherently insecure right from the start. The problem is a race
condition in the kernel. Between the time the kernel opens the file to
-see which interpreter to run and when the (now-setuid) interpreter turns
+see which interpreter to run and when the (now-set-id) interpreter turns
around and reopens the file to interpret it, the file in question may have
changed, especially if you have symbolic links on your system.
Fortunately, sometimes this kernel "feature" can be disabled.
Unfortunately, there are two ways to disable it. The system can simply
-outlaw scripts with the setuid bit set, which doesn't help much.
-Alternately, it can simply ignore the setuid bit on scripts. If the
+outlaw scripts with any set-id bit set, which doesn't help much.
+Alternately, it can simply ignore the set-id bits on scripts. If the
latter is true, Perl can emulate the setuid and setgid mechanism when it
notices the otherwise useless setuid/gid bits on Perl scripts. It does
this via a special executable called B<suidperl> that is automatically
invoked for you if it's needed.
-However, if the kernel setuid script feature isn't disabled, Perl will
-complain loudly that your setuid script is insecure. You'll need to
-either disable the kernel setuid script feature, or put a C wrapper around
+However, if the kernel set-id script feature isn't disabled, Perl will
+complain loudly that your set-id script is insecure. You'll need to
+either disable the kernel set-id script feature, or put a C wrapper around
the script. A C wrapper is just a compiled program that does nothing
except call your Perl program. Compiled programs are not subject to the
-kernel bug that plagues setuid scripts. Here's a simple wrapper, written
+kernel bug that plagues set-id scripts. Here's a simple wrapper, written
in C:
#define REAL_PATH "/path/to/script"
@@ -278,7 +288,7 @@ for each of them.
In recent years, vendors have begun to supply systems free of this
inherent security bug. On such systems, when the kernel passes the name
-of the setuid script to open to the interpreter, rather than using a
+of the set-id script to open to the interpreter, rather than using a
pathname subject to meddling, it instead passes I</dev/fd/3>. This is a
special file already opened on the script, so that there can be no race
condition for evil scripts to exploit. On these systems, Perl should be
diff --git a/pod/perlsub.pod b/pod/perlsub.pod
index d08426adab..16babd2092 100644
--- a/pod/perlsub.pod
+++ b/pod/perlsub.pod
@@ -872,6 +872,12 @@ via the import syntax, and these names may then override the builtin ones:
chdir $somewhere;
sub chdir { ... }
+To unambiguously refer to the builtin form, one may precede the
+builtin name with the special package qualifier C<CORE::>. For example,
+saying C<CORE::open()> will always refer to the builtin C<open()>, even
+if the current package has imported some other subroutine called
+C<&open()> from elsewhere.
+
Library modules should not in general export builtin names like "open"
or "chdir" as part of their default @EXPORT list, because these may
sneak into someone else's namespace and change the semantics unexpectedly.
@@ -887,6 +893,10 @@ and it would import the open override, but if they said
they would get the default imports without the overrides.
+Note that such overriding is restricted to the package that requests
+the import. Some means of "globally" overriding builtins may become
+available in future.
+
=head2 Autoloading
If you call a subroutine that is undefined, you would ordinarily get an
diff --git a/pod/perlvar.pod b/pod/perlvar.pod
index 6487fdda36..75f4e6d5c2 100644
--- a/pod/perlvar.pod
+++ b/pod/perlvar.pod
@@ -18,9 +18,9 @@ long names in the current package. Some of them even have medium names,
generally borrowed from B<awk>.
To go a step further, those variables that depend on the currently
-selected filehandle may instead be set by calling an object method on
-the FileHandle object. (Summary lines below for this contain the word
-HANDLE.) First you must say
+selected filehandle may instead (and preferably) be set by calling an
+object method on the FileHandle object. (Summary lines below for this
+contain the word HANDLE.) First you must say
use FileHandle;
@@ -42,6 +42,12 @@ A few of these variables are considered "read-only". This means that if
you try to assign to this variable, either directly or indirectly through
a reference, you'll raise a run-time exception.
+The following list is ordered by scalar variables first, then the
+arrays, then the hashes (except $^M was added in the wrong place).
+This is somewhat obscured by the fact that %ENV and %SIG are listed as
+$ENV{expr} and $SIG{expr}.
+
+
=over 8
=item $ARG
@@ -438,16 +444,13 @@ operator. (Mnemonic: What just went bang?)
=item $^E
More specific information about the last system error than that provided by
-C<$!>, if available. (If not, it's just C<$!> again, except under OS/2.)
+C<$!>, if available. (If not, it's just C<$!> again.)
At the moment, this differs from C<$!> under only VMS and OS/2, where it
provides the VMS status value from the last system error, and OS/2 error
-code of the last call to OS/2 API which was not directed via CRT. The
+code of the last call to OS/2 API either via CRT, or directly from perl. The
caveats mentioned in the description of C<$!> apply here, too.
(Mnemonic: Extra error explanation.)
-Note that under OS/2 C<$!> and C<$^E> do not track each other, so if an
-OS/2-specific call is performed, you may need to check both.
-
=item $EVAL_ERROR
=item $@
@@ -597,8 +600,8 @@ C<$^F> at the time of the open, not the time of the exec.
=item $^H
-The current set of syntax checks enabled by C<use strict>. See the
-documentation of C<strict> for more details.
+The current set of syntax checks enabled by C<use strict> and other block
+scoped compiler hints. See the documentation of C<strict> for more details.
=item $INPLACE_EDIT
@@ -607,6 +610,20 @@ documentation of C<strict> for more details.
The current value of the inplace-edit extension. Use C<undef> to disable
inplace editing. (Mnemonic: value of B<-i> switch.)
+=item $^M
+
+By default, running out of memory it is not trappable. However, if
+compiled for this, Perl may use the contents of C<$^M> as an emergency
+pool after die()ing with this message. Suppose that your Perl were
+compiled with -DPERL_EMERGENCY_SBRK and used Perl's malloc. Then
+
+ $^M = 'a' x (1<<16);
+
+would allocate a 64K buffer for use when in emergency. See the F<INSTALL>
+file for information on how to enable this option. As a disincentive to
+casual use of this advanced feature, there is no L<English> long name for
+this variable.
+
=item $OSNAME
=item $^O
@@ -653,6 +670,12 @@ Start with single-step on.
Note that some bits may be relevent at compile-time only, some at
run-time only. This is a new mechanism and the details may change.
+=item $^S
+
+Current state of the interpreter. Undefined if parsing of the current
+module/eval is not finished (may happen in $SIG{__DIE__} and
+$SIG{__WARN__} handlers). True if inside an eval, othewise false.
+
=item $BASETIME
=item $^T
@@ -699,6 +722,11 @@ to get the machine-dependent library properly loaded also:
use lib '/mypath/libdir/';
use SomeMod;
+=item @_
+
+Within a subroutine the array @_ contains the parameters passed to that
+subroutine. See L<perlsub>.
+
=item %INC
The hash %INC contains entries for each filename that has
@@ -707,25 +735,25 @@ specified, and the value is the location of the file actually found.
The C<require> command uses this array to determine whether a given file
has already been included.
-=item $ENV{expr}
+=item %ENV $ENV{expr}
The hash %ENV contains your current environment. Setting a
value in C<ENV> changes the environment for child processes.
-=item $SIG{expr}
+=item %SIG $SIG{expr}
The hash %SIG is used to set signal handlers for various
signals. Example:
sub handler { # 1st argument is signal name
- local($sig) = @_;
+ my($sig) = @_;
print "Caught a SIG$sig--shutting down\n";
close(LOG);
exit(0);
}
- $SIG{'INT'} = 'handler';
- $SIG{'QUIT'} = 'handler';
+ $SIG{'INT'} = \&handler;
+ $SIG{'QUIT'} = \&handler;
...
$SIG{'INT'} = 'DEFAULT'; # restore default action
$SIG{'QUIT'} = 'IGNORE'; # ignore SIGQUIT
@@ -733,8 +761,8 @@ signals. Example:
The %SIG array contains values for only the signals actually set within
the Perl script. Here are some other examples:
- $SIG{PIPE} = Plumber; # SCARY!!
- $SIG{"PIPE"} = "Plumber"; # just fine, assumes main::Plumber
+ $SIG{"PIPE"} = Plumber; # SCARY!!
+ $SIG{"PIPE"} = "Plumber"; # assumes main::Plumber (not recommended)
$SIG{"PIPE"} = \&Plumber; # just fine; assume current Plumber
$SIG{"PIPE"} = Plumber(); # oops, what did Plumber() return??
@@ -775,21 +803,30 @@ argument. When a __DIE__ hook routine returns, the exception
processing continues as it would have in the absence of the hook,
unless the hook routine itself exits via a C<goto>, a loop exit, or a die().
The C<__DIE__> handler is explicitly disabled during the call, so that you
-can die from a C<__DIE__> handler. Similarly for C<__WARN__>. See
-L<perlfunc/die>, L<perlfunc/warn> and L<perlfunc/eval>.
-
-=item $^M
-
-By default, running out of memory it is not trappable. However, if
-compiled for this, Perl may use the contents of C<$^M> as an emergency
-pool after die()ing with this message. Suppose that your Perl were
-compiled with -DPERL_EMERGENCY_SBRK and used Perl's malloc. Then
-
- $^M = 'a' x (1<<16);
-
-would allocate a 64K buffer for use when in emergency. See the F<INSTALL>
-file for information on how to enable this option. As a disincentive to
-casual use of this advanced feature, there is no L<English> long name for
-this variable.
+can die from a C<__DIE__> handler. Similarly for C<__WARN__>.
+
+Note that the C<$SIG{__DIE__}> hook is called even inside eval()ed
+blocks/strings. See L<perlfunc/die>, L<perlvar/$^S> for how to
+circumvent this.
+
+Note that C<__DIE__>/C<__WARN__> handlers are very special in one
+respect: they may be called to report (probable) errors found by the
+parser. In such a case the parser may be in inconsistent state, so
+any attempt to evaluate Perl code from such a handler will probably
+result in a segfault. This means that calls which result/may-result
+in parsing Perl should be used with extreme causion, like this:
+
+ require Carp if defined $^S;
+ Carp::confess("Something wrong") if defined &Carp::confess;
+ die "Something wrong, but could not load Carp to give backtrace...
+ To see backtrace try starting Perl with -MCarp switch";
+
+Here the first line will load Carp I<unless> it is the parser who
+called the handler. The second line will print backtrace and die if
+Carp was available. The third line will be executed only if Carp was
+not available.
+
+See L<perlfunc/die>, L<perlfunc/warn> and L<perlfunc/eval> for
+additional info.
=back