
The perlfunc manpage says, with regard to the builtin eval() function:

If there is a syntax error or runtime error, or a "die" statement is executed, "eval" returns an undefined value in scalar context or an empty list in list context, and $@ is set to the error message. If there was no error, $@ is guaranteed to be the empty string. Beware that using "eval" neither silences Perl from printing warnings to STDERR, nor does it stuff the text of warning messages into $@.
...
It is also Perl's exception trapping mechanism, where the die operator is used to raise exceptions.

Note that EXP30-PL. Do not use deprecated or obsolete functions or modules recommends using croak() rather than die().

Programmers often suppress exceptions, which is easily done by simply not examining the $@ variable (also known as $EVAL_ERROR). Because eval() makes ignoring exceptions the default, it is critically important that programmers inspect $@ after using eval().

Exceptions are intended to disrupt the expected control flow of the application. Many exceptions are suppressed because the developer does not know how to handle the exception, or does not even know that one may have been thrown. Consequently, exceptions must never be suppressed. If a call to eval() fails, the calling code must at least inspect $@. If the developer does not know how to handle the exception, they can always propagate it up the stack by issuing their own fatal error.

Noncompliant Code Example

This noncompliant code example uses the eval() builtin function to divide two numbers. Without eval() the code would abort if $b happened to be 0, but thanks to eval(), processing resumes normally with $answer left uninitialized. This produces a warning when the uninitialized value is interpolated into the string passed to print(). Thus eval() can be used to completely ignore an important error that may occur.

my ($a, $b) = # initialize
my $answer;
eval { $answer = $a / $b };
print "The quotient is $answer\n";

Compliant Solution

This compliant solution checks to see if eval() failed, and, if so, emits a warning message and initializes $answer.

use Carp;   # provides carp()

my ($a, $b) = # initialize
my $answer;
eval { $answer = $a / $b };
if ($@) {
  carp $@;      # report the error instead of silently discarding it
  $answer = 0;
}
print "The quotient is $answer\n";

Exceptions

EXP31-EX0: Exceptions that occur during the freeing of a resource may be suppressed in those cases where failure to free the resource cannot affect future program behavior. Examples of freeing resources include closing files or network sockets. When closed, normally or abnormally, the exception cannot influence future program behavior through any avenue other than resource exhaustion. When resource exhaustion is adequately handled, it is sufficient to sanitize and log the exception for future improvement; additional error handling is unnecessary in this case.
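The following is an added example, not code from the CERT page: it combines the compliant solution's check of $@ with propagation via croak() for errors the callee cannot handle, and with the EXP31-EX0 allowance to log, rather than propagate, a failure while freeing a resource. The subroutine names (safe_divide, quotient_or_zero, write_and_close) are assumptions made for illustration.

```perl
#!/usr/bin/perl
# Added example (not part of the original CERT page): inspect $@ after every
# eval(), propagate what you cannot handle with croak(), and log (rather than
# silently drop) a failure while freeing a resource, as EXP31-EX0 permits.
use strict;
use warnings;
use Carp qw(carp croak);

# Divide $x by $y. Any error raised inside the eval is examined; a division
# by zero is reported to the caller as an exception, never swallowed.
sub safe_divide {
    my ($x, $y) = @_;
    my $quotient;
    # "eval { ...; 1 } or do { ... }" runs the handler whenever the block did
    # not complete, even if $@ happens to hold a false value such as "0".
    eval { $quotient = $x / $y; 1 } or do {
        my $err = $@ || 'unknown failure inside eval';
        # Not handled here: re-raise so the caller must decide what to do.
        croak "safe_divide($x, $y) failed: $err";
    };
    return $quotient;
}

# Caller that knows how to handle the failure: default the result and warn.
sub quotient_or_zero {
    my ($x, $y) = @_;
    my $answer = eval { safe_divide($x, $y) };
    if (!defined $answer) {
        carp "using 0 as quotient: $@";
        $answer = 0;
    }
    return $answer;
}

# EXP31-EX0: a close() failure cannot change later program behaviour, so it is
# logged for later investigation instead of being propagated.
sub write_and_close {
    my ($path, $text) = @_;
    open my $fh, '>', $path or croak "cannot open $path: $!";
    print {$fh} $text;
    close $fh or carp "close($path) failed, logging only: $!";
    return 1;
}

print "10 / 4 = ", quotient_or_zero(10, 4), "\n";
print "10 / 0 = ", quotient_or_zero(10, 0), "\n";
```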

Risk Assessment

Suppressing exceptions can result in inconsistent program state and erroneous behavior.

Recommendation   Severity   Likelihood   Remediation Cost   Priority   Level
EXP31-PL         low        probable     medium             P14        L3

Related Guidelines

The CERT Oracle Secure Coding Standard for Java: ERR00-J. Do not suppress or ignore checked exceptions

Bibliography

[Conway 2005]
[Wall 2011] perlfunc, perlvar
