In perl.git, the branch blead has been updated <http://perl5.git.perl.org/perl.git/commitdiff/bbc89b61fda2c0d03d0a57a32abcf992fcf30e99?hp=182bc98962948b00fd5ab6bea5afddf0d6c84755>
- Log ----------------------------------------------------------------- commit bbc89b61fda2c0d03d0a57a32abcf992fcf30e99 Author: Jarkko Hietaniemi <[email protected]> Date: Sun Jul 20 09:10:27 2014 -0400 Warn against tmpfile, and mention perlclib. ----------------------------------------------------------------------- Summary of changes: pod/perlhacktips.pod | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/pod/perlhacktips.pod b/pod/perlhacktips.pod index 5cd04e4..c673dde 100644 --- a/pod/perlhacktips.pod +++ b/pod/perlhacktips.pod @@ -581,6 +581,7 @@ snprintf() - the return type is unportable. Use my_snprintf() instead. =head2 Security problems Last but not least, here are various tips for safer coding. +See also L<perlclib> for libc/stdio replacements one should use. =over 4 @@ -592,6 +593,12 @@ Or we will publicly ridicule you. Seriously. =item * +Do not use tmpfile() + +Use mkstemp() instead. + +=item * + Do not use strcpy() or strcat() or strncpy() or strncat() Use my_strlcpy() and my_strlcat() instead: they either use the native -- Perl5 Master Repository
