Perl has a large number of built-in functions; they are described on the perlfunc
manpage [Wall 2011]. Perl also has a handful of reserved keywords such as while
; they are described on the perlsyn
manpage [Wall 2011].
Do not use an identifier for a subroutine that has been reserved for a built-in function or keyword.
Noncompliant Code Example
This noncompliant code example codes a subroutine called open()
, which clashes with the open()
built-in function.
Code Block | ||||
---|---|---|---|---|
| ||||
sub open { my ($arg1, $arg2, $arg3) = @_; print "arg1 = $arg1\n"; print "arg2 = $arg2\n"; print "arg3 = $arg3\n"; } open( my $input, "<", "foo.txt"); # What does this do? |
Perl (v5.12.1) actually invokes the built-in open()
rather than the newly crafted subroutine.
Compliant Solution
This compliant solution uses a different name for its subroutine; consequently, it behaves as expected.
Code Block | ||||
---|---|---|---|---|
| ||||
sub my_open { my ($arg1, $arg2, $arg3) = @_; print "arg1 = $arg1\n"; print "arg2 = $arg2\n"; print "arg3 = $arg3\n"; } my_open( my $input, "<", "foo.txt"); |
Exceptions
DCL31-EX0: This rule does not apply to object methods. Object methods are easy for the parser to distinguish from built-in functions or keywords due to their distinct syntax.
Related Guidelines
CERT C++ Secure Coding Standard: DCL32-CPP. Do not declare or define a reserved identifier
CERT C Secure Coding Standard: DCL37-C. Do not declare or define a reserved identifier
Risk Assessment
Using reserved keywords can lead to unexpected program behavior and surprising results.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
DCL31-PL | low | probable | medium | P2 | L3 |
Automated Detection
Tool | Diagnostic |
---|---|
Perl::Critic | Subroutines::ProhibitBuiltinHomonyms |
Bibliography
[CPAN] Elliot Shank, Perl-Critic-1.116 Subroutines::ProhibitBuiltinHomonyms
[Wall 2011] perlfunc, perlsyn