Commit | Line | Data |
---|---|---|
25f64a11 | 1 | # |
f17010da | 2 | # Copyright (c) 1995-2001, Raphael Manfredi |
65206418 | 3 | # Copyright (c) 2002-2014 by the Perl 5 Porters |
2b212655 | 4 | # |
25f64a11 AMS |
5 | # You may redistribute only under the same terms as Perl 5, as specified |
6 | # in the README file that comes with the distribution. | |
7 | # | |
7a6a85bf | 8 | |
71a48636 | 9 | require XSLoader; |
7a6a85bf | 10 | require Exporter; |
71a48636 | 11 | package Storable; @ISA = qw(Exporter); |
7a6a85bf RG |
12 | |
13 | @EXPORT = qw(store retrieve); | |
14 | @EXPORT_OK = qw( | |
9e21b3d0 | 15 | nstore store_fd nstore_fd fd_retrieve |
7a6a85bf RG |
16 | freeze nfreeze thaw |
17 | dclone | |
9e21b3d0 | 18 | retrieve_fd |
dd19458b | 19 | lock_store lock_nstore lock_retrieve |
d4b9b6e4 | 20 | file_magic read_magic |
7a6a85bf RG |
21 | ); |
22 | ||
01d7b99e | 23 | use vars qw($canonical $forgive_me $VERSION); |
7a6a85bf | 24 | |
cf97b304 | 25 | $VERSION = '2.58'; |
7a6a85bf | 26 | |
1541ec63 | 27 | BEGIN { |
8901ddee TC |
28 | if (eval { |
29 | local $SIG{__DIE__}; | |
30 | local @INC = @INC; | |
31 | pop @INC if $INC[-1] eq '.'; | |
32 | require Log::Agent; | |
33 | 1; | |
34 | }) { | |
1541ec63 DL |
35 | Log::Agent->import; |
36 | } | |
37 | # | |
38 | # Use of Log::Agent is optional. If it hasn't imported these subs then | |
39 | # provide a fallback implementation. | |
40 | # | |
81447963 | 41 | unless ($Storable::{logcroak} && *{$Storable::{logcroak}}{CODE}) { |
1541ec63 | 42 | require Carp; |
1541ec63 DL |
43 | *logcroak = sub { |
44 | Carp::croak(@_); | |
45 | }; | |
6fe613da | 46 | } |
81447963 | 47 | unless ($Storable::{logcarp} && *{$Storable::{logcarp}}{CODE}) { |
6fe613da | 48 | require Carp; |
1541ec63 DL |
49 | *logcarp = sub { |
50 | Carp::carp(@_); | |
51 | }; | |
52 | } | |
53 | } | |
7a6a85bf | 54 | |
dd19458b JH |
55 | # |
56 | # They might miss :flock in Fcntl | |
57 | # | |
58 | ||
59 | BEGIN { | |
596596d5 | 60 | if (eval { require Fcntl; 1 } && exists $Fcntl::EXPORT_TAGS{'flock'}) { |
dd19458b JH |
61 | Fcntl->import(':flock'); |
62 | } else { | |
63 | eval q{ | |
64 | sub LOCK_SH () {1} | |
65 | sub LOCK_EX () {2} | |
66 | }; | |
67 | } | |
68 | } | |
69 | ||
a8b7ef86 AMS |
70 | sub CLONE { |
71 | # clone context under threads | |
72 | Storable::init_perinterp(); | |
73 | } | |
74 | ||
530b72ba NC |
75 | # By default restricted hashes are downgraded on earlier perls. |
76 | ||
77 | $Storable::downgrade_restricted = 1; | |
e8189732 | 78 | $Storable::accept_future_minor = 1; |
71a48636 | 79 | |
70e1279a | 80 | XSLoader::load('Storable', $Storable::VERSION); |
b8778c7c | 81 | |
862382c7 JH |
82 | # |
83 | # Determine whether locking is possible, but only when needed. | |
84 | # | |
85 | ||
530b72ba | 86 | sub CAN_FLOCK; my $CAN_FLOCK; sub CAN_FLOCK { |
862382c7 JH |
87 | return $CAN_FLOCK if defined $CAN_FLOCK; |
88 | require Config; import Config; | |
89 | return $CAN_FLOCK = | |
90 | $Config{'d_flock'} || | |
91 | $Config{'d_fcntl_can_lock'} || | |
92 | $Config{'d_lockf'}; | |
93 | } | |
94 | ||
0a0da639 JH |
95 | sub show_file_magic { |
96 | print <<EOM; | |
97 | # | |
98 | # To recognize the data files of the Perl module Storable, | |
99 | # the following lines need to be added to the local magic(5) file, | |
100 | # usually either /usr/share/misc/magic or /etc/magic. | |
0a0da639 JH |
101 | # |
102 | 0 string perl-store perl Storable(v0.6) data | |
8b793558 JH |
103 | >4 byte >0 (net-order %d) |
104 | >>4 byte &01 (network-ordered) | |
105 | >>4 byte =3 (major 1) | |
106 | >>4 byte =2 (major 1) | |
107 | ||
0a0da639 | 108 | 0 string pst0 perl Storable(v0.7) data |
8b793558 JH |
109 | >4 byte >0 |
110 | >>4 byte &01 (network-ordered) | |
111 | >>4 byte =5 (major 2) | |
112 | >>4 byte =4 (major 2) | |
113 | >>5 byte >0 (minor %d) | |
0a0da639 JH |
114 | EOM |
115 | } | |
116 | ||
d4b9b6e4 | 117 | sub file_magic { |
ed0d1802 DL |
118 | require IO::File; |
119 | ||
d4b9b6e4 | 120 | my $file = shift; |
ed0d1802 | 121 | my $fh = IO::File->new; |
ab6f8ca1 | 122 | open($fh, "<". $file) || die "Can't open '$file': $!"; |
d4b9b6e4 GA |
123 | binmode($fh); |
124 | defined(sysread($fh, my $buf, 32)) || die "Can't read from '$file': $!"; | |
125 | close($fh); | |
126 | ||
127 | $file = "./$file" unless $file; # ensure TRUE value | |
128 | ||
129 | return read_magic($buf, $file); | |
130 | } | |
131 | ||
b8778c7c | 132 | sub read_magic { |
d4b9b6e4 GA |
133 | my($buf, $file) = @_; |
134 | my %info; | |
135 | ||
136 | my $buflen = length($buf); | |
137 | my $magic; | |
138 | if ($buf =~ s/^(pst0|perl-store)//) { | |
139 | $magic = $1; | |
140 | $info{file} = $file || 1; | |
141 | } | |
142 | else { | |
143 | return undef if $file; | |
144 | $magic = ""; | |
145 | } | |
146 | ||
147 | return undef unless length($buf); | |
148 | ||
149 | my $net_order; | |
150 | if ($magic eq "perl-store" && ord(substr($buf, 0, 1)) > 1) { | |
151 | $info{version} = -1; | |
152 | $net_order = 0; | |
153 | } | |
154 | else { | |
5e12106f NC |
155 | $buf =~ s/(.)//s; |
156 | my $major = (ord $1) >> 1; | |
d4b9b6e4 GA |
157 | return undef if $major > 4; # sanity (assuming we never go that high) |
158 | $info{major} = $major; | |
5e12106f | 159 | $net_order = (ord $1) & 0x01; |
d4b9b6e4 | 160 | if ($major > 1) { |
5e12106f NC |
161 | return undef unless $buf =~ s/(.)//s; |
162 | my $minor = ord $1; | |
d4b9b6e4 GA |
163 | $info{minor} = $minor; |
164 | $info{version} = "$major.$minor"; | |
165 | $info{version_nv} = sprintf "%d.%03d", $major, $minor; | |
166 | } | |
167 | else { | |
168 | $info{version} = $major; | |
169 | } | |
170 | } | |
171 | $info{version_nv} ||= $info{version}; | |
172 | $info{netorder} = $net_order; | |
173 | ||
174 | unless ($net_order) { | |
5e12106f NC |
175 | return undef unless $buf =~ s/(.)//s; |
176 | my $len = ord $1; | |
d4b9b6e4 GA |
177 | return undef unless length($buf) >= $len; |
178 | return undef unless $len == 4 || $len == 8; # sanity | |
5e12106f NC |
179 | @info{qw(byteorder intsize longsize ptrsize)} |
180 | = unpack "a${len}CCC", $buf; | |
181 | (substr $buf, 0, $len + 3) = ''; | |
d4b9b6e4 | 182 | if ($info{version_nv} >= 2.002) { |
5e12106f NC |
183 | return undef unless $buf =~ s/(.)//s; |
184 | $info{nvsize} = ord $1; | |
d4b9b6e4 GA |
185 | } |
186 | } | |
187 | $info{hdrsize} = $buflen - length($buf); | |
188 | ||
189 | return \%info; | |
190 | } | |
191 | ||
192 | sub BIN_VERSION_NV { | |
193 | sprintf "%d.%03d", BIN_MAJOR(), BIN_MINOR(); | |
194 | } | |
195 | ||
196 | sub BIN_WRITE_VERSION_NV { | |
197 | sprintf "%d.%03d", BIN_MAJOR(), BIN_WRITE_MINOR(); | |
b8778c7c | 198 | } |
7a6a85bf RG |
199 | |
200 | # | |
201 | # store | |
202 | # | |
203 | # Store target object hierarchy, identified by a reference to its root. | |
204 | # The stored object tree may later be retrieved to memory via retrieve. | |
205 | # Returns undef if an I/O error occurred, in which case the file is | |
206 | # removed. | |
207 | # | |
208 | sub store { | |
dd19458b | 209 | return _store(\&pstore, @_, 0); |
7a6a85bf RG |
210 | } |
211 | ||
212 | # | |
213 | # nstore | |
214 | # | |
215 | # Same as store, but in network order. | |
216 | # | |
217 | sub nstore { | |
dd19458b JH |
218 | return _store(\&net_pstore, @_, 0); |
219 | } | |
220 | ||
221 | # | |
222 | # lock_store | |
223 | # | |
224 | # Same as store, but flock the file first (advisory locking). | |
225 | # | |
226 | sub lock_store { | |
227 | return _store(\&pstore, @_, 1); | |
228 | } | |
229 | ||
230 | # | |
231 | # lock_nstore | |
232 | # | |
233 | # Same as nstore, but flock the file first (advisory locking). | |
234 | # | |
235 | sub lock_nstore { | |
236 | return _store(\&net_pstore, @_, 1); | |
7a6a85bf RG |
237 | } |
238 | ||
239 | # Internal store to file routine | |
240 | sub _store { | |
241 | my $xsptr = shift; | |
242 | my $self = shift; | |
dd19458b | 243 | my ($file, $use_locking) = @_; |
7a6a85bf | 244 | logcroak "not a reference" unless ref($self); |
b12202d0 | 245 | logcroak "wrong argument number" unless @_ == 2; # No @foo in arglist |
7a6a85bf | 246 | local *FILE; |
dd19458b | 247 | if ($use_locking) { |
6e0ac6f5 | 248 | open(FILE, ">>$file") || logcroak "can't write into $file: $!"; |
862382c7 | 249 | unless (&CAN_FLOCK) { |
2b212655 | 250 | logcarp |
251 | "Storable::lock_store: fcntl/flock emulation broken on $^O"; | |
b29b780f | 252 | return undef; |
f567092b | 253 | } |
dd19458b JH |
254 | flock(FILE, LOCK_EX) || |
255 | logcroak "can't get exclusive lock on $file: $!"; | |
256 | truncate FILE, 0; | |
257 | # Unlocking will happen when FILE is closed | |
6e0ac6f5 JH |
258 | } else { |
259 | open(FILE, ">$file") || logcroak "can't create $file: $!"; | |
dd19458b | 260 | } |
6e0ac6f5 | 261 | binmode FILE; # Archaic systems... |
7a6a85bf RG |
262 | my $da = $@; # Don't mess if called from exception handler |
263 | my $ret; | |
264 | # Call C routine nstore or pstore, depending on network order | |
265 | eval { $ret = &$xsptr(*FILE, $self) }; | |
9c09e8a7 NC |
266 | # close will return true on success, so the or short-circuits, the () |
267 | # expression is true, and for that case the block will only be entered | |
268 | # if $@ is true (ie eval failed) | |
269 | # if close fails, it returns false, $ret is altered, *that* is (also) | |
270 | # false, so the () expression is false, !() is true, and the block is | |
271 | # entered. | |
cbc736f3 | 272 | if (!(close(FILE) or undef $ret) || $@) { |
9c09e8a7 NC |
273 | unlink($file) or warn "Can't unlink $file: $!\n"; |
274 | } | |
7a6a85bf RG |
275 | logcroak $@ if $@ =~ s/\.?\n$/,/; |
276 | $@ = $da; | |
cbc736f3 | 277 | return $ret; |
7a6a85bf RG |
278 | } |
279 | ||
280 | # | |
281 | # store_fd | |
282 | # | |
283 | # Same as store, but perform on an already opened file descriptor instead. | |
284 | # Returns undef if an I/O error occurred. | |
285 | # | |
286 | sub store_fd { | |
287 | return _store_fd(\&pstore, @_); | |
288 | } | |
289 | ||
290 | # | |
291 | # nstore_fd | |
292 | # | |
293 | # Same as store_fd, but in network order. | |
294 | # | |
295 | sub nstore_fd { | |
296 | my ($self, $file) = @_; | |
297 | return _store_fd(\&net_pstore, @_); | |
298 | } | |
299 | ||
300 | # Internal store routine on opened file descriptor | |
301 | sub _store_fd { | |
302 | my $xsptr = shift; | |
303 | my $self = shift; | |
304 | my ($file) = @_; | |
305 | logcroak "not a reference" unless ref($self); | |
306 | logcroak "too many arguments" unless @_ == 1; # No @foo in arglist | |
307 | my $fd = fileno($file); | |
308 | logcroak "not a valid file descriptor" unless defined $fd; | |
309 | my $da = $@; # Don't mess if called from exception handler | |
310 | my $ret; | |
311 | # Call C routine nstore or pstore, depending on network order | |
312 | eval { $ret = &$xsptr($file, $self) }; | |
313 | logcroak $@ if $@ =~ s/\.?\n$/,/; | |
596596d5 | 314 | local $\; print $file ''; # Autoflush the file if wanted |
7a6a85bf | 315 | $@ = $da; |
cbc736f3 | 316 | return $ret; |
7a6a85bf RG |
317 | } |
318 | ||
319 | # | |
320 | # freeze | |
321 | # | |
efaa61e2 | 322 | # Store object and its hierarchy in memory and return a scalar |
7a6a85bf RG |
323 | # containing the result. |
324 | # | |
325 | sub freeze { | |
326 | _freeze(\&mstore, @_); | |
327 | } | |
328 | ||
329 | # | |
330 | # nfreeze | |
331 | # | |
332 | # Same as freeze but in network order. | |
333 | # | |
334 | sub nfreeze { | |
335 | _freeze(\&net_mstore, @_); | |
336 | } | |
337 | ||
338 | # Internal freeze routine | |
339 | sub _freeze { | |
340 | my $xsptr = shift; | |
341 | my $self = shift; | |
342 | logcroak "not a reference" unless ref($self); | |
343 | logcroak "too many arguments" unless @_ == 0; # No @foo in arglist | |
344 | my $da = $@; # Don't mess if called from exception handler | |
345 | my $ret; | |
346 | # Call C routine mstore or net_mstore, depending on network order | |
347 | eval { $ret = &$xsptr($self) }; | |
348 | logcroak $@ if $@ =~ s/\.?\n$/,/; | |
349 | $@ = $da; | |
350 | return $ret ? $ret : undef; | |
351 | } | |
352 | ||
353 | # | |
354 | # retrieve | |
355 | # | |
356 | # Retrieve object hierarchy from disk, returning a reference to the root | |
357 | # object of that tree. | |
358 | # | |
359 | sub retrieve { | |
dd19458b JH |
360 | _retrieve($_[0], 0); |
361 | } | |
362 | ||
363 | # | |
364 | # lock_retrieve | |
365 | # | |
366 | # Same as retrieve, but with advisory locking. | |
367 | # | |
368 | sub lock_retrieve { | |
369 | _retrieve($_[0], 1); | |
370 | } | |
371 | ||
372 | # Internal retrieve routine | |
373 | sub _retrieve { | |
374 | my ($file, $use_locking) = @_; | |
7a6a85bf | 375 | local *FILE; |
dd19458b | 376 | open(FILE, $file) || logcroak "can't open $file: $!"; |
7a6a85bf RG |
377 | binmode FILE; # Archaic systems... |
378 | my $self; | |
379 | my $da = $@; # Could be from exception handler | |
dd19458b | 380 | if ($use_locking) { |
862382c7 | 381 | unless (&CAN_FLOCK) { |
2b212655 | 382 | logcarp |
383 | "Storable::lock_store: fcntl/flock emulation broken on $^O"; | |
b29b780f RM |
384 | return undef; |
385 | } | |
8be2b38b | 386 | flock(FILE, LOCK_SH) || logcroak "can't get shared lock on $file: $!"; |
dd19458b JH |
387 | # Unlocking will happen when FILE is closed |
388 | } | |
7a6a85bf RG |
389 | eval { $self = pretrieve(*FILE) }; # Call C routine |
390 | close(FILE); | |
391 | logcroak $@ if $@ =~ s/\.?\n$/,/; | |
392 | $@ = $da; | |
393 | return $self; | |
394 | } | |
395 | ||
396 | # | |
9e21b3d0 | 397 | # fd_retrieve |
7a6a85bf RG |
398 | # |
399 | # Same as retrieve, but perform from an already opened file descriptor instead. | |
400 | # | |
9e21b3d0 | 401 | sub fd_retrieve { |
7a6a85bf RG |
402 | my ($file) = @_; |
403 | my $fd = fileno($file); | |
404 | logcroak "not a valid file descriptor" unless defined $fd; | |
405 | my $self; | |
406 | my $da = $@; # Could be from exception handler | |
407 | eval { $self = pretrieve($file) }; # Call C routine | |
408 | logcroak $@ if $@ =~ s/\.?\n$/,/; | |
409 | $@ = $da; | |
410 | return $self; | |
411 | } | |
412 | ||
1541ec63 DL |
413 | sub retrieve_fd { &fd_retrieve } # Backward compatibility |
414 | ||
7a6a85bf RG |
415 | # |
416 | # thaw | |
417 | # | |
418 | # Recreate objects in memory from an existing frozen image created | |
419 | # by freeze. If the frozen image passed is undef, return undef. | |
420 | # | |
421 | sub thaw { | |
422 | my ($frozen) = @_; | |
423 | return undef unless defined $frozen; | |
424 | my $self; | |
425 | my $da = $@; # Could be from exception handler | |
426 | eval { $self = mretrieve($frozen) }; # Call C routine | |
427 | logcroak $@ if $@ =~ s/\.?\n$/,/; | |
428 | $@ = $da; | |
429 | return $self; | |
430 | } | |
431 | ||
a2307be4 NC |
432 | 1; |
433 | __END__ | |
434 | ||
7a6a85bf RG |
435 | =head1 NAME |
436 | ||
f062ea6c | 437 | Storable - persistence for Perl data structures |
7a6a85bf RG |
438 | |
439 | =head1 SYNOPSIS | |
440 | ||
441 | use Storable; | |
442 | store \%table, 'file'; | |
443 | $hashref = retrieve('file'); | |
444 | ||
445 | use Storable qw(nstore store_fd nstore_fd freeze thaw dclone); | |
446 | ||
447 | # Network order | |
448 | nstore \%table, 'file'; | |
449 | $hashref = retrieve('file'); # There is NO nretrieve() | |
450 | ||
451 | # Storing to and retrieving from an already opened file | |
452 | store_fd \@array, \*STDOUT; | |
453 | nstore_fd \%table, \*STDOUT; | |
9e21b3d0 JH |
454 | $aryref = fd_retrieve(\*SOCKET); |
455 | $hashref = fd_retrieve(\*SOCKET); | |
7a6a85bf RG |
456 | |
457 | # Serializing to memory | |
458 | $serialized = freeze \%table; | |
459 | %table_clone = %{ thaw($serialized) }; | |
460 | ||
461 | # Deep (recursive) cloning | |
462 | $cloneref = dclone($ref); | |
463 | ||
dd19458b JH |
464 | # Advisory locking |
465 | use Storable qw(lock_store lock_nstore lock_retrieve) | |
466 | lock_store \%table, 'file'; | |
467 | lock_nstore \%table, 'file'; | |
468 | $hashref = lock_retrieve('file'); | |
469 | ||
7a6a85bf RG |
470 | =head1 DESCRIPTION |
471 | ||
f062ea6c | 472 | The Storable package brings persistence to your Perl data structures |
7a6a85bf | 473 | containing SCALAR, ARRAY, HASH or REF objects, i.e. anything that can be |
c261f00e | 474 | conveniently stored to disk and retrieved at a later time. |
7a6a85bf RG |
475 | |
476 | It can be used in the regular procedural way by calling C<store> with | |
477 | a reference to the object to be stored, along with the file name where | |
478 | the image should be written. | |
775ecd75 | 479 | |
7a6a85bf RG |
480 | The routine returns C<undef> for I/O problems or other internal error, |
481 | a true value otherwise. Serious errors are propagated as a C<die> exception. | |
482 | ||
f062ea6c PN |
483 | To retrieve data stored to disk, use C<retrieve> with a file name. |
484 | The objects stored into that file are recreated into memory for you, | |
485 | and a I<reference> to the root object is returned. In case an I/O error | |
7a6a85bf RG |
486 | occurs while reading, C<undef> is returned instead. Other serious |
487 | errors are propagated via C<die>. | |
488 | ||
489 | Since storage is performed recursively, you might want to stuff references | |
490 | to objects that share a lot of common data into a single array or hash | |
491 | table, and then store that object. That way, when you retrieve back the | |
492 | whole thing, the objects will continue to share what they originally shared. | |
493 | ||
494 | At the cost of a slight header overhead, you may store to an already | |
495 | opened file descriptor using the C<store_fd> routine, and retrieve | |
9e21b3d0 | 496 | from a file via C<fd_retrieve>. Those names aren't imported by default, |
c261f00e | 497 | so you will have to do that explicitly if you need those routines. |
7a6a85bf RG |
498 | The file descriptor you supply must be already opened, for read |
499 | if you're going to retrieve and for write if you wish to store. | |
500 | ||
501 | store_fd(\%table, *STDOUT) || die "can't store to stdout\n"; | |
9e21b3d0 | 502 | $hashref = fd_retrieve(*STDIN); |
7a6a85bf RG |
503 | |
504 | You can also store data in network order to allow easy sharing across | |
505 | multiple platforms, or when storing on a socket known to be remotely | |
506 | connected. The routines to call have an initial C<n> prefix for I<network>, | |
507 | as in C<nstore> and C<nstore_fd>. At retrieval time, your data will be | |
508 | correctly restored so you don't have to know whether you're restoring | |
dd19458b JH |
509 | from native or network ordered data. Double values are stored stringified |
510 | to ensure portability as well, at the slight risk of loosing some precision | |
511 | in the last decimals. | |
7a6a85bf | 512 | |
9e21b3d0 | 513 | When using C<fd_retrieve>, objects are retrieved in sequence, one |
7a6a85bf RG |
514 | object (i.e. one recursive tree) per associated C<store_fd>. |
515 | ||
516 | If you're more from the object-oriented camp, you can inherit from | |
517 | Storable and directly store your objects by invoking C<store> as | |
518 | a method. The fact that the root of the to-be-stored tree is a | |
519 | blessed reference (i.e. an object) is special-cased so that the | |
520 | retrieve does not provide a reference to that object but rather the | |
521 | blessed object reference itself. (Otherwise, you'd get a reference | |
522 | to that blessed object). | |
523 | ||
524 | =head1 MEMORY STORE | |
525 | ||
526 | The Storable engine can also store data into a Perl scalar instead, to | |
527 | later retrieve them. This is mainly used to freeze a complex structure in | |
528 | some safe compact memory place (where it can possibly be sent to another | |
529 | process via some IPC, since freezing the structure also serializes it in | |
530 | effect). Later on, and maybe somewhere else, you can thaw the Perl scalar | |
531 | out and recreate the original complex structure in memory. | |
532 | ||
533 | Surprisingly, the routines to be called are named C<freeze> and C<thaw>. | |
534 | If you wish to send out the frozen scalar to another machine, use | |
535 | C<nfreeze> instead to get a portable image. | |
536 | ||
537 | Note that freezing an object structure and immediately thawing it | |
538 | actually achieves a deep cloning of that structure: | |
539 | ||
540 | dclone(.) = thaw(freeze(.)) | |
541 | ||
542 | Storable provides you with a C<dclone> interface which does not create | |
543 | that intermediary scalar but instead freezes the structure in some | |
c261f00e | 544 | internal memory space and then immediately thaws it out. |
7a6a85bf | 545 | |
dd19458b JH |
546 | =head1 ADVISORY LOCKING |
547 | ||
f062ea6c PN |
548 | The C<lock_store> and C<lock_nstore> routine are equivalent to |
549 | C<store> and C<nstore>, except that they get an exclusive lock on | |
550 | the file before writing. Likewise, C<lock_retrieve> does the same | |
551 | as C<retrieve>, but also gets a shared lock on the file before reading. | |
dd19458b | 552 | |
f062ea6c PN |
553 | As with any advisory locking scheme, the protection only works if you |
554 | systematically use C<lock_store> and C<lock_retrieve>. If one side of | |
555 | your application uses C<store> whilst the other uses C<lock_retrieve>, | |
dd19458b JH |
556 | you will get no protection at all. |
557 | ||
f062ea6c PN |
558 | The internal advisory locking is implemented using Perl's flock() |
559 | routine. If your system does not support any form of flock(), or if | |
560 | you share your files across NFS, you might wish to use other forms | |
561 | of locking by using modules such as LockFile::Simple which lock a | |
562 | file using a filesystem entry, instead of locking the file descriptor. | |
dd19458b | 563 | |
7a6a85bf RG |
564 | =head1 SPEED |
565 | ||
566 | The heart of Storable is written in C for decent speed. Extra low-level | |
4d3295e3 PN |
567 | optimizations have been made when manipulating perl internals, to |
568 | sacrifice encapsulation for the benefit of greater speed. | |
7a6a85bf RG |
569 | |
570 | =head1 CANONICAL REPRESENTATION | |
571 | ||
f062ea6c | 572 | Normally, Storable stores elements of hashes in the order they are |
7a6a85bf RG |
573 | stored internally by Perl, i.e. pseudo-randomly. If you set |
574 | C<$Storable::canonical> to some C<TRUE> value, Storable will store | |
575 | hashes with the elements sorted by their key. This allows you to | |
576 | compare data structures by comparing their frozen representations (or | |
577 | even the compressed frozen representations), which can be useful for | |
578 | creating lookup tables for complicated queries. | |
579 | ||
f062ea6c | 580 | Canonical order does not imply network order; those are two orthogonal |
7a6a85bf RG |
581 | settings. |
582 | ||
d2b96869 SR |
583 | =head1 CODE REFERENCES |
584 | ||
585 | Since Storable version 2.05, CODE references may be serialized with | |
586 | the help of L<B::Deparse>. To enable this feature, set | |
3c4b39be | 587 | C<$Storable::Deparse> to a true value. To enable deserialization, |
d2b96869 SR |
588 | C<$Storable::Eval> should be set to a true value. Be aware that |
589 | deserialization is done through C<eval>, which is dangerous if the | |
590 | Storable file contains malicious data. You can set C<$Storable::Eval> | |
591 | to a subroutine reference which would be used instead of C<eval>. See | |
592 | below for an example using a L<Safe> compartment for deserialization | |
593 | of CODE references. | |
594 | ||
197b90bc SR |
595 | If C<$Storable::Deparse> and/or C<$Storable::Eval> are set to false |
596 | values, then the value of C<$Storable::forgive_me> (see below) is | |
597 | respected while serializing and deserializing. | |
598 | ||
c261f00e NC |
599 | =head1 FORWARD COMPATIBILITY |
600 | ||
601 | This release of Storable can be used on a newer version of Perl to | |
f062ea6c | 602 | serialize data which is not supported by earlier Perls. By default, |
c261f00e | 603 | Storable will attempt to do the right thing, by C<croak()>ing if it |
775ecd75 | 604 | encounters data that it cannot deserialize. However, the defaults |
f062ea6c | 605 | can be changed as follows: |
c261f00e NC |
606 | |
607 | =over 4 | |
608 | ||
609 | =item utf8 data | |
610 | ||
611 | Perl 5.6 added support for Unicode characters with code points > 255, | |
612 | and Perl 5.8 has full support for Unicode characters in hash keys. | |
613 | Perl internally encodes strings with these characters using utf8, and | |
614 | Storable serializes them as utf8. By default, if an older version of | |
615 | Perl encounters a utf8 value it cannot represent, it will C<croak()>. | |
616 | To change this behaviour so that Storable deserializes utf8 encoded | |
617 | values as the string of bytes (effectively dropping the I<is_utf8> flag) | |
618 | set C<$Storable::drop_utf8> to some C<TRUE> value. This is a form of | |
619 | data loss, because with C<$drop_utf8> true, it becomes impossible to tell | |
620 | whether the original data was the Unicode string, or a series of bytes | |
621 | that happen to be valid utf8. | |
622 | ||
623 | =item restricted hashes | |
624 | ||
f062ea6c PN |
625 | Perl 5.8 adds support for restricted hashes, which have keys |
626 | restricted to a given set, and can have values locked to be read only. | |
627 | By default, when Storable encounters a restricted hash on a perl | |
628 | that doesn't support them, it will deserialize it as a normal hash, | |
629 | silently discarding any placeholder keys and leaving the keys and | |
630 | all values unlocked. To make Storable C<croak()> instead, set | |
631 | C<$Storable::downgrade_restricted> to a C<FALSE> value. To restore | |
632 | the default set it back to some C<TRUE> value. | |
c261f00e | 633 | |
e8189732 NC |
634 | =item files from future versions of Storable |
635 | ||
636 | Earlier versions of Storable would immediately croak if they encountered | |
637 | a file with a higher internal version number than the reading Storable | |
638 | knew about. Internal version numbers are increased each time new data | |
639 | types (such as restricted hashes) are added to the vocabulary of the file | |
640 | format. This meant that a newer Storable module had no way of writing a | |
f062ea6c | 641 | file readable by an older Storable, even if the writer didn't store newer |
e8189732 NC |
642 | data types. |
643 | ||
644 | This version of Storable will defer croaking until it encounters a data | |
645 | type in the file that it does not recognize. This means that it will | |
646 | continue to read files generated by newer Storable modules which are careful | |
647 | in what they write out, making it easier to upgrade Storable modules in a | |
648 | mixed environment. | |
649 | ||
650 | The old behaviour of immediate croaking can be re-instated by setting | |
f062ea6c | 651 | C<$Storable::accept_future_minor> to some C<FALSE> value. |
e8189732 | 652 | |
c261f00e NC |
653 | =back |
654 | ||
f062ea6c | 655 | All these variables have no effect on a newer Perl which supports the |
c261f00e NC |
656 | relevant feature. |
657 | ||
7a6a85bf RG |
658 | =head1 ERROR REPORTING |
659 | ||
660 | Storable uses the "exception" paradigm, in that it does not try to workaround | |
661 | failures: if something bad happens, an exception is generated from the | |
662 | caller's perspective (see L<Carp> and C<croak()>). Use eval {} to trap | |
663 | those exceptions. | |
664 | ||
665 | When Storable croaks, it tries to report the error via the C<logcroak()> | |
666 | routine from the C<Log::Agent> package, if it is available. | |
667 | ||
212e9bde JH |
668 | Normal errors are reported by having store() or retrieve() return C<undef>. |
669 | Such errors are usually I/O errors (or truncated stream errors at retrieval). | |
670 | ||
7a6a85bf RG |
671 | =head1 WIZARDS ONLY |
672 | ||
673 | =head2 Hooks | |
674 | ||
675 | Any class may define hooks that will be called during the serialization | |
676 | and deserialization process on objects that are instances of that class. | |
677 | Those hooks can redefine the way serialization is performed (and therefore, | |
c261f00e | 678 | how the symmetrical deserialization should be conducted). |
7a6a85bf RG |
679 | |
680 | Since we said earlier: | |
681 | ||
682 | dclone(.) = thaw(freeze(.)) | |
683 | ||
684 | everything we say about hooks should also hold for deep cloning. However, | |
685 | hooks get to know whether the operation is a mere serialization, or a cloning. | |
686 | ||
687 | Therefore, when serializing hooks are involved, | |
688 | ||
689 | dclone(.) <> thaw(freeze(.)) | |
690 | ||
691 | Well, you could keep them in sync, but there's no guarantee it will always | |
692 | hold on classes somebody else wrote. Besides, there is little to gain in | |
f062ea6c | 693 | doing so: a serializing hook could keep only one attribute of an object, |
7a6a85bf RG |
694 | which is probably not what should happen during a deep cloning of that |
695 | same object. | |
696 | ||
697 | Here is the hooking interface: | |
698 | ||
bbc7dcd2 | 699 | =over 4 |
7a6a85bf RG |
700 | |
701 | =item C<STORABLE_freeze> I<obj>, I<cloning> | |
702 | ||
703 | The serializing hook, called on the object during serialization. It can be | |
704 | inherited, or defined in the class itself, like any other method. | |
705 | ||
706 | Arguments: I<obj> is the object to serialize, I<cloning> is a flag indicating | |
707 | whether we're in a dclone() or a regular serialization via store() or freeze(). | |
708 | ||
709 | Returned value: A LIST C<($serialized, $ref1, $ref2, ...)> where $serialized | |
710 | is the serialized form to be used, and the optional $ref1, $ref2, etc... are | |
711 | extra references that you wish to let the Storable engine serialize. | |
712 | ||
713 | At deserialization time, you will be given back the same LIST, but all the | |
714 | extra references will be pointing into the deserialized structure. | |
715 | ||
716 | The B<first time> the hook is hit in a serialization flow, you may have it | |
717 | return an empty list. That will signal the Storable engine to further | |
718 | discard that hook for this class and to therefore revert to the default | |
719 | serialization of the underlying Perl data. The hook will again be normally | |
720 | processed in the next serialization. | |
721 | ||
722 | Unless you know better, serializing hook should always say: | |
723 | ||
724 | sub STORABLE_freeze { | |
725 | my ($self, $cloning) = @_; | |
726 | return if $cloning; # Regular default serialization | |
727 | .... | |
728 | } | |
729 | ||
730 | in order to keep reasonable dclone() semantics. | |
731 | ||
732 | =item C<STORABLE_thaw> I<obj>, I<cloning>, I<serialized>, ... | |
733 | ||
734 | The deserializing hook called on the object during deserialization. | |
f062ea6c | 735 | But wait: if we're deserializing, there's no object yet... right? |
7a6a85bf RG |
736 | |
737 | Wrong: the Storable engine creates an empty one for you. If you know Eiffel, | |
738 | you can view C<STORABLE_thaw> as an alternate creation routine. | |
739 | ||
740 | This means the hook can be inherited like any other method, and that | |
741 | I<obj> is your blessed reference for this particular instance. | |
742 | ||
743 | The other arguments should look familiar if you know C<STORABLE_freeze>: | |
744 | I<cloning> is true when we're part of a deep clone operation, I<serialized> | |
745 | is the serialized string you returned to the engine in C<STORABLE_freeze>, | |
746 | and there may be an optional list of references, in the same order you gave | |
747 | them at serialization time, pointing to the deserialized objects (which | |
748 | have been processed courtesy of the Storable engine). | |
749 | ||
212e9bde JH |
750 | When the Storable engine does not find any C<STORABLE_thaw> hook routine, |
751 | it tries to load the class by requiring the package dynamically (using | |
752 | the blessed package name), and then re-attempts the lookup. If at that | |
753 | time the hook cannot be located, the engine croaks. Note that this mechanism | |
c261f00e | 754 | will fail if you define several classes in the same file, but L<perlmod> |
212e9bde JH |
755 | warned you. |
756 | ||
f062ea6c | 757 | It is up to you to use this information to populate I<obj> the way you want. |
7a6a85bf RG |
758 | |
759 | Returned value: none. | |
760 | ||
2f796f32 AMS |
761 | =item C<STORABLE_attach> I<class>, I<cloning>, I<serialized> |
762 | ||
763 | While C<STORABLE_freeze> and C<STORABLE_thaw> are useful for classes where | |
3c4b39be | 764 | each instance is independent, this mechanism has difficulty (or is |
2f796f32 AMS |
765 | incompatible) with objects that exist as common process-level or |
766 | system-level resources, such as singleton objects, database pools, caches | |
767 | or memoized objects. | |
768 | ||
769 | The alternative C<STORABLE_attach> method provides a solution for these | |
1e2a0f0b RGS |
770 | shared objects. Instead of C<STORABLE_freeze> --E<gt> C<STORABLE_thaw>, |
771 | you implement C<STORABLE_freeze> --E<gt> C<STORABLE_attach> instead. | |
2f796f32 AMS |
772 | |
773 | Arguments: I<class> is the class we are attaching to, I<cloning> is a flag | |
774 | indicating whether we're in a dclone() or a regular de-serialization via | |
775 | thaw(), and I<serialized> is the stored string for the resource object. | |
776 | ||
777 | Because these resource objects are considered to be owned by the entire | |
778 | process/system, and not the "property" of whatever is being serialized, | |
779 | no references underneath the object should be included in the serialized | |
780 | string. Thus, in any class that implements C<STORABLE_attach>, the | |
781 | C<STORABLE_freeze> method cannot return any references, and C<Storable> | |
782 | will throw an error if C<STORABLE_freeze> tries to return references. | |
783 | ||
784 | All information required to "attach" back to the shared resource object | |
785 | B<must> be contained B<only> in the C<STORABLE_freeze> return string. | |
786 | Otherwise, C<STORABLE_freeze> behaves as normal for C<STORABLE_attach> | |
787 | classes. | |
788 | ||
789 | Because C<STORABLE_attach> is passed the class (rather than an object), | |
790 | it also returns the object directly, rather than modifying the passed | |
791 | object. | |
792 | ||
793 | Returned value: object of type C<class> | |
794 | ||
7a6a85bf RG |
795 | =back |
796 | ||
797 | =head2 Predicates | |
798 | ||
c261f00e | 799 | Predicates are not exportable. They must be called by explicitly prefixing |
7a6a85bf RG |
800 | them with the Storable package name. |
801 | ||
bbc7dcd2 | 802 | =over 4 |
7a6a85bf RG |
803 | |
804 | =item C<Storable::last_op_in_netorder> | |
805 | ||
806 | The C<Storable::last_op_in_netorder()> predicate will tell you whether | |
807 | network order was used in the last store or retrieve operation. If you | |
808 | don't know how to use this, just forget about it. | |
809 | ||
810 | =item C<Storable::is_storing> | |
811 | ||
812 | Returns true if within a store operation (via STORABLE_freeze hook). | |
813 | ||
814 | =item C<Storable::is_retrieving> | |
815 | ||
f062ea6c | 816 | Returns true if within a retrieve operation (via STORABLE_thaw hook). |
7a6a85bf RG |
817 | |
818 | =back | |
819 | ||
820 | =head2 Recursion | |
821 | ||
f062ea6c PN |
822 | With hooks comes the ability to recurse back to the Storable engine. |
823 | Indeed, hooks are regular Perl code, and Storable is convenient when | |
824 | it comes to serializing and deserializing things, so why not use it | |
825 | to handle the serialization string? | |
7a6a85bf | 826 | |
f062ea6c | 827 | There are a few things you need to know, however: |
7a6a85bf | 828 | |
bbc7dcd2 | 829 | =over 4 |
7a6a85bf RG |
830 | |
831 | =item * | |
832 | ||
833 | You can create endless loops if the things you serialize via freeze() | |
f062ea6c PN |
834 | (for instance) point back to the object we're trying to serialize in |
835 | the hook. | |
7a6a85bf RG |
836 | |
837 | =item * | |
838 | ||
839 | Shared references among objects will not stay shared: if we're serializing | |
840 | the list of object [A, C] where both object A and C refer to the SAME object | |
841 | B, and if there is a serializing hook in A that says freeze(B), then when | |
842 | deserializing, we'll get [A', C'] where A' refers to B', but C' refers to D, | |
843 | a deep clone of B'. The topology was not preserved. | |
844 | ||
845 | =back | |
846 | ||
847 | That's why C<STORABLE_freeze> lets you provide a list of references | |
848 | to serialize. The engine guarantees that those will be serialized in the | |
849 | same context as the other objects, and therefore that shared objects will | |
850 | stay shared. | |
851 | ||
852 | In the above [A, C] example, the C<STORABLE_freeze> hook could return: | |
853 | ||
854 | ("something", $self->{B}) | |
855 | ||
856 | and the B part would be serialized by the engine. In C<STORABLE_thaw>, you | |
857 | would get back the reference to the B' object, deserialized for you. | |
858 | ||
859 | Therefore, recursion should normally be avoided, but is nonetheless supported. | |
860 | ||
861 | =head2 Deep Cloning | |
862 | ||
f062ea6c | 863 | There is a Clone module available on CPAN which implements deep cloning |
7a6a85bf RG |
864 | natively, i.e. without freezing to memory and thawing the result. It is |
865 | aimed to replace Storable's dclone() some day. However, it does not currently | |
866 | support Storable hooks to redefine the way deep cloning is performed. | |
867 | ||
0a0da639 JH |
868 | =head1 Storable magic |
869 | ||
870 | Yes, there's a lot of that :-) But more precisely, in UNIX systems | |
871 | there's a utility called C<file>, which recognizes data files based on | |
872 | their contents (usually their first few bytes). For this to work, | |
8b793558 | 873 | a certain file called F<magic> needs to taught about the I<signature> |
0a0da639 | 874 | of the data. Where that configuration file lives depends on the UNIX |
f062ea6c | 875 | flavour; often it's something like F</usr/share/misc/magic> or |
8b793558 JH |
876 | F</etc/magic>. Your system administrator needs to do the updating of |
877 | the F<magic> file. The necessary signature information is output to | |
f062ea6c PN |
878 | STDOUT by invoking Storable::show_file_magic(). Note that the GNU |
879 | implementation of the C<file> utility, version 3.38 or later, | |
880 | is expected to contain support for recognising Storable files | |
881 | out-of-the-box, in addition to other kinds of Perl files. | |
0a0da639 | 882 | |
d4b9b6e4 GA |
883 | You can also use the following functions to extract the file header |
884 | information from Storable images: | |
885 | ||
886 | =over | |
887 | ||
888 | =item $info = Storable::file_magic( $filename ) | |
889 | ||
890 | If the given file is a Storable image return a hash describing it. If | |
891 | the file is readable, but not a Storable image return C<undef>. If | |
892 | the file does not exist or is unreadable then croak. | |
893 | ||
894 | The hash returned has the following elements: | |
895 | ||
896 | =over | |
897 | ||
898 | =item C<version> | |
899 | ||
900 | This returns the file format version. It is a string like "2.7". | |
901 | ||
902 | Note that this version number is not the same as the version number of | |
903 | the Storable module itself. For instance Storable v0.7 create files | |
904 | in format v2.0 and Storable v2.15 create files in format v2.7. The | |
905 | file format version number only increment when additional features | |
906 | that would confuse older versions of the module are added. | |
907 | ||
908 | Files older than v2.0 will have the one of the version numbers "-1", | |
909 | "0" or "1". No minor number was used at that time. | |
910 | ||
911 | =item C<version_nv> | |
912 | ||
913 | This returns the file format version as number. It is a string like | |
914 | "2.007". This value is suitable for numeric comparisons. | |
915 | ||
916 | The constant function C<Storable::BIN_VERSION_NV> returns a comparable | |
b846e6a6 FC |
917 | number that represents the highest file version number that this |
918 | version of Storable fully supports (but see discussion of | |
d4b9b6e4 GA |
919 | C<$Storable::accept_future_minor> above). The constant |
920 | C<Storable::BIN_WRITE_VERSION_NV> function returns what file version | |
921 | is written and might be less than C<Storable::BIN_VERSION_NV> in some | |
c4a6f826 | 922 | configurations. |
d4b9b6e4 GA |
923 | |
924 | =item C<major>, C<minor> | |
925 | ||
926 | This also returns the file format version. If the version is "2.7" | |
927 | then major would be 2 and minor would be 7. The minor element is | |
928 | missing for when major is less than 2. | |
929 | ||
930 | =item C<hdrsize> | |
931 | ||
932 | The is the number of bytes that the Storable header occupies. | |
933 | ||
934 | =item C<netorder> | |
935 | ||
936 | This is TRUE if the image store data in network order. This means | |
937 | that it was created with nstore() or similar. | |
938 | ||
939 | =item C<byteorder> | |
940 | ||
941 | This is only present when C<netorder> is FALSE. It is the | |
942 | $Config{byteorder} string of the perl that created this image. It is | |
943 | a string like "1234" (32 bit little endian) or "87654321" (64 bit big | |
944 | endian). This must match the current perl for the image to be | |
945 | readable by Storable. | |
946 | ||
947 | =item C<intsize>, C<longsize>, C<ptrsize>, C<nvsize> | |
948 | ||
949 | These are only present when C<netorder> is FALSE. These are the sizes of | |
950 | various C datatypes of the perl that created this image. These must | |
951 | match the current perl for the image to be readable by Storable. | |
952 | ||
953 | The C<nvsize> element is only present for file format v2.2 and | |
954 | higher. | |
955 | ||
956 | =item C<file> | |
957 | ||
958 | The name of the file. | |
959 | ||
960 | =back | |
961 | ||
962 | =item $info = Storable::read_magic( $buffer ) | |
963 | ||
964 | =item $info = Storable::read_magic( $buffer, $must_be_file ) | |
965 | ||
966 | The $buffer should be a Storable image or the first few bytes of it. | |
967 | If $buffer starts with a Storable header, then a hash describing the | |
968 | image is returned, otherwise C<undef> is returned. | |
969 | ||
970 | The hash has the same structure as the one returned by | |
971 | Storable::file_magic(). The C<file> element is true if the image is a | |
972 | file image. | |
973 | ||
974 | If the $must_be_file argument is provided and is TRUE, then return | |
975 | C<undef> unless the image looks like it belongs to a file dump. | |
976 | ||
977 | The maximum size of a Storable header is currently 21 bytes. If the | |
978 | provided $buffer is only the first part of a Storable image it should | |
979 | at least be this long to ensure that read_magic() will recognize it as | |
980 | such. | |
981 | ||
982 | =back | |
983 | ||
7a6a85bf RG |
984 | =head1 EXAMPLES |
985 | ||
986 | Here are some code samples showing a possible usage of Storable: | |
987 | ||
e46aa1dd | 988 | use Storable qw(store retrieve freeze thaw dclone); |
7a6a85bf | 989 | |
e46aa1dd | 990 | %color = ('Blue' => 0.1, 'Red' => 0.8, 'Black' => 0, 'White' => 1); |
7a6a85bf | 991 | |
e46aa1dd | 992 | store(\%color, 'mycolors') or die "Can't store %a in mycolors!\n"; |
7a6a85bf | 993 | |
e46aa1dd KW |
994 | $colref = retrieve('mycolors'); |
995 | die "Unable to retrieve from mycolors!\n" unless defined $colref; | |
996 | printf "Blue is still %lf\n", $colref->{'Blue'}; | |
7a6a85bf | 997 | |
e46aa1dd | 998 | $colref2 = dclone(\%color); |
7a6a85bf | 999 | |
e46aa1dd KW |
1000 | $str = freeze(\%color); |
1001 | printf "Serialization of %%color is %d bytes long.\n", length($str); | |
1002 | $colref3 = thaw($str); | |
7a6a85bf RG |
1003 | |
1004 | which prints (on my machine): | |
1005 | ||
e46aa1dd KW |
1006 | Blue is still 0.100000 |
1007 | Serialization of %color is 102 bytes long. | |
7a6a85bf | 1008 | |
d2b96869 SR |
1009 | Serialization of CODE references and deserialization in a safe |
1010 | compartment: | |
1011 | ||
197b90bc SR |
1012 | =for example begin |
1013 | ||
e46aa1dd KW |
1014 | use Storable qw(freeze thaw); |
1015 | use Safe; | |
1016 | use strict; | |
1017 | my $safe = new Safe; | |
197b90bc | 1018 | # because of opcodes used in "use strict": |
e46aa1dd KW |
1019 | $safe->permit(qw(:default require)); |
1020 | local $Storable::Deparse = 1; | |
1021 | local $Storable::Eval = sub { $safe->reval($_[0]) }; | |
1022 | my $serialized = freeze(sub { 42 }); | |
1023 | my $code = thaw($serialized); | |
1024 | $code->() == 42; | |
197b90bc SR |
1025 | |
1026 | =for example end | |
1027 | ||
1028 | =for example_testing | |
1029 | is( $code->(), 42 ); | |
d2b96869 | 1030 | |
664f237a S |
1031 | =head1 SECURITY WARNING |
1032 | ||
1033 | B<Do not accept Storable documents from untrusted sources!> | |
1034 | ||
1035 | Some features of Storable can lead to security vulnerabilities if you | |
1036 | accept Storable documents from untrusted sources. Most obviously, the | |
1037 | optional (off by default) CODE reference serialization feature allows | |
1038 | transfer of code to the deserializing process. Furthermore, any | |
1039 | serialized object will cause Storable to helpfully load the module | |
1040 | corresponding to the class of the object in the deserializing module. | |
1041 | For manipulated module names, this can load almost arbitrary code. | |
1042 | Finally, the deserialized object's destructors will be invoked when | |
1043 | the objects get destroyed in the deserializing process. Maliciously | |
1044 | crafted Storable documents may put such objects in the value of | |
1045 | a hash key that is overridden by another key/value pair in the | |
1046 | same hash, thus causing immediate destructor execution. | |
1047 | ||
1048 | In a future version of Storable, we intend to provide options to disable | |
1049 | loading modules for classes and to disable deserializing objects | |
1050 | altogether. I<Nonetheless, Storable deserializing documents from | |
1051 | untrusted sources is expected to have other, yet undiscovered, | |
1052 | security concerns such as allowing an attacker to cause the deserializer | |
1053 | to crash hard.> | |
1054 | ||
1055 | B<Therefore, let me repeat: Do not accept Storable documents from | |
1056 | untrusted sources!> | |
1057 | ||
1058 | If your application requires accepting data from untrusted sources, you | |
1059 | are best off with a less powerful and more-likely safe serialization format | |
efaa61e2 | 1060 | and implementation. If your data is sufficiently simple, JSON is a good |
664f237a S |
1061 | choice and offers maximum interoperability. |
1062 | ||
7a6a85bf RG |
1063 | =head1 WARNING |
1064 | ||
1065 | If you're using references as keys within your hash tables, you're bound | |
f062ea6c | 1066 | to be disappointed when retrieving your data. Indeed, Perl stringifies |
7a6a85bf RG |
1067 | references used as hash table keys. If you later wish to access the |
1068 | items via another reference stringification (i.e. using the same | |
1069 | reference that was used for the key originally to record the value into | |
1070 | the hash table), it will work because both references stringify to the | |
1071 | same string. | |
1072 | ||
6fe6778b PN |
1073 | It won't work across a sequence of C<store> and C<retrieve> operations, |
1074 | however, because the addresses in the retrieved objects, which are | |
1075 | part of the stringified references, will probably differ from the | |
1076 | original addresses. The topology of your structure is preserved, | |
1077 | but not hidden semantics like those. | |
7a6a85bf RG |
1078 | |
1079 | On platforms where it matters, be sure to call C<binmode()> on the | |
1080 | descriptors that you pass to Storable functions. | |
1081 | ||
1082 | Storing data canonically that contains large hashes can be | |
1083 | significantly slower than storing the same data normally, as | |
c261f00e | 1084 | temporary arrays to hold the keys for each hash have to be allocated, |
7a6a85bf RG |
1085 | populated, sorted and freed. Some tests have shown a halving of the |
1086 | speed of storing -- the exact penalty will depend on the complexity of | |
1087 | your data. There is no slowdown on retrieval. | |
1088 | ||
1089 | =head1 BUGS | |
1090 | ||
eda690a0 | 1091 | You can't store GLOB, FORMLINE, REGEXP, etc.... If you can define semantics |
197b90bc SR |
1092 | for those operations, feel free to enhance Storable so that it can |
1093 | deal with them. | |
7a6a85bf RG |
1094 | |
1095 | The store functions will C<croak> if they run into such references | |
1096 | unless you set C<$Storable::forgive_me> to some C<TRUE> value. In that | |
1b0fd1e8 JC |
1097 | case, the fatal message is converted to a warning and some meaningless |
1098 | string is stored instead. | |
7a6a85bf RG |
1099 | |
1100 | Setting C<$Storable::canonical> may not yield frozen strings that | |
1101 | compare equal due to possible stringification of numbers. When the | |
f062ea6c | 1102 | string version of a scalar exists, it is the form stored; therefore, |
7a6a85bf RG |
1103 | if you happen to use your numbers as strings between two freezing |
1104 | operations on the same data structures, you will get different | |
1105 | results. | |
1106 | ||
dd19458b JH |
1107 | When storing doubles in network order, their value is stored as text. |
1108 | However, you should also not expect non-numeric floating-point values | |
1109 | such as infinity and "not a number" to pass successfully through a | |
1110 | nstore()/retrieve() pair. | |
1111 | ||
1112 | As Storable neither knows nor cares about character sets (although it | |
1113 | does know that characters may be more than eight bits wide), any difference | |
1114 | in the interpretation of character codes between a host and a target | |
1115 | system is your problem. In particular, if host and target use different | |
1116 | code points to represent the characters used in the text representation | |
1117 | of floating-point numbers, you will not be able be able to exchange | |
1118 | floating-point data, even with nstore(). | |
1119 | ||
c261f00e NC |
1120 | C<Storable::drop_utf8> is a blunt tool. There is no facility either to |
1121 | return B<all> strings as utf8 sequences, or to attempt to convert utf8 | |
1122 | data back to 8 bit and C<croak()> if the conversion fails. | |
1123 | ||
ee0f7aac NC |
1124 | Prior to Storable 2.01, no distinction was made between signed and |
1125 | unsigned integers on storing. By default Storable prefers to store a | |
1126 | scalars string representation (if it has one) so this would only cause | |
3c4b39be | 1127 | problems when storing large unsigned integers that had never been converted |
ee0f7aac NC |
1128 | to string or floating point. In other words values that had been generated |
1129 | by integer operations such as logic ops and then not used in any string or | |
1130 | arithmetic context before storing. | |
1131 | ||
1132 | =head2 64 bit data in perl 5.6.0 and 5.6.1 | |
1133 | ||
1134 | This section only applies to you if you have existing data written out | |
1135 | by Storable 2.02 or earlier on perl 5.6.0 or 5.6.1 on Unix or Linux which | |
1136 | has been configured with 64 bit integer support (not the default) | |
1137 | If you got a precompiled perl, rather than running Configure to build | |
1138 | your own perl from source, then it almost certainly does not affect you, | |
1139 | and you can stop reading now (unless you're curious). If you're using perl | |
1140 | on Windows it does not affect you. | |
1141 | ||
1142 | Storable writes a file header which contains the sizes of various C | |
1143 | language types for the C compiler that built Storable (when not writing in | |
1144 | network order), and will refuse to load files written by a Storable not | |
1145 | on the same (or compatible) architecture. This check and a check on | |
1146 | machine byteorder is needed because the size of various fields in the file | |
1147 | are given by the sizes of the C language types, and so files written on | |
1148 | different architectures are incompatible. This is done for increased speed. | |
1149 | (When writing in network order, all fields are written out as standard | |
1150 | lengths, which allows full interworking, but takes longer to read and write) | |
1151 | ||
1152 | Perl 5.6.x introduced the ability to optional configure the perl interpreter | |
1153 | to use C's C<long long> type to allow scalars to store 64 bit integers on 32 | |
1154 | bit systems. However, due to the way the Perl configuration system | |
1155 | generated the C configuration files on non-Windows platforms, and the way | |
1156 | Storable generates its header, nothing in the Storable file header reflected | |
1157 | whether the perl writing was using 32 or 64 bit integers, despite the fact | |
1158 | that Storable was storing some data differently in the file. Hence Storable | |
1159 | running on perl with 64 bit integers will read the header from a file | |
1160 | written by a 32 bit perl, not realise that the data is actually in a subtly | |
1161 | incompatible format, and then go horribly wrong (possibly crashing) if it | |
1162 | encountered a stored integer. This is a design failure. | |
1163 | ||
1164 | Storable has now been changed to write out and read in a file header with | |
1165 | information about the size of integers. It's impossible to detect whether | |
1166 | an old file being read in was written with 32 or 64 bit integers (they have | |
1167 | the same header) so it's impossible to automatically switch to a correct | |
1168 | backwards compatibility mode. Hence this Storable defaults to the new, | |
1169 | correct behaviour. | |
1170 | ||
1171 | What this means is that if you have data written by Storable 1.x running | |
1172 | on perl 5.6.0 or 5.6.1 configured with 64 bit integers on Unix or Linux | |
1173 | then by default this Storable will refuse to read it, giving the error | |
efaa61e2 | 1174 | I<Byte order is not compatible>. If you have such data then you |
ee0f7aac NC |
1175 | should set C<$Storable::interwork_56_64bit> to a true value to make this |
1176 | Storable read and write files with the old header. You should also | |
1177 | migrate your data, or any older perl you are communicating with, to this | |
1178 | current version of Storable. | |
1179 | ||
1180 | If you don't have data written with specific configuration of perl described | |
1181 | above, then you do not and should not do anything. Don't set the flag - | |
1182 | not only will Storable on an identically configured perl refuse to load them, | |
1183 | but Storable a differently configured perl will load them believing them | |
1184 | to be correct for it, and then may well fail or crash part way through | |
1185 | reading them. | |
1186 | ||
7a6a85bf RG |
1187 | =head1 CREDITS |
1188 | ||
1189 | Thank you to (in chronological order): | |
1190 | ||
1191 | Jarkko Hietaniemi <jhi@iki.fi> | |
1192 | Ulrich Pfeifer <pfeifer@charly.informatik.uni-dortmund.de> | |
51f77169 | 1193 | Benjamin A. Holzman <bholzman@earthlink.net> |
7a6a85bf RG |
1194 | Andrew Ford <A.Ford@ford-mason.co.uk> |
1195 | Gisle Aas <gisle@aas.no> | |
1196 | Jeff Gresham <gresham_jeffrey@jpmorgan.com> | |
1197 | Murray Nesbitt <murray@activestate.com> | |
1198 | Marc Lehmann <pcg@opengroup.org> | |
9e21b3d0 JH |
1199 | Justin Banks <justinb@wamnet.com> |
1200 | Jarkko Hietaniemi <jhi@iki.fi> (AGAIN, as perl 5.7.0 Pumpkin!) | |
dd19458b JH |
1201 | Salvador Ortiz Garcia <sog@msg.com.mx> |
1202 | Dominic Dunlop <domo@computer.org> | |
1203 | Erik Haugan <erik@solbors.no> | |
f17010da RU |
1204 | Benjamin A. Holzman <ben.holzman@grantstreet.com> |
1205 | Reini Urban <rurban@cpanel.net> | |
7a6a85bf RG |
1206 | |
1207 | for their bug reports, suggestions and contributions. | |
1208 | ||
1209 | Benjamin Holzman contributed the tied variable support, Andrew Ford | |
1210 | contributed the canonical order for hashes, and Gisle Aas fixed | |
f062ea6c | 1211 | a few misunderstandings of mine regarding the perl internals, |
7a6a85bf RG |
1212 | and optimized the emission of "tags" in the output streams by |
1213 | simply counting the objects instead of tagging them (leading to | |
1214 | a binary incompatibility for the Storable image starting at version | |
f062ea6c | 1215 | 0.6--older images are, of course, still properly understood). |
7a6a85bf | 1216 | Murray Nesbitt made Storable thread-safe. Marc Lehmann added overloading |
51f77169 AMS |
1217 | and references to tied items support. Benjamin Holzman added a performance |
1218 | improvement for overloaded classes; thanks to Grant Street Group for footing | |
1219 | the bill. | |
7a6a85bf | 1220 | |
7a6a85bf RG |
1221 | =head1 AUTHOR |
1222 | ||
2b212655 | 1223 | Storable was written by Raphael Manfredi |
1224 | F<E<lt>Raphael_Manfredi@pobox.comE<gt>> | |
1225 | Maintenance is now done by the perl5-porters | |
1226 | F<E<lt>perl5-porters@perl.orgE<gt>> | |
0ba8809e NC |
1227 | |
1228 | Please e-mail us with problems, bug fixes, comments and complaints, | |
d119459b | 1229 | although if you have compliments you should send them to Raphael. |
0ba8809e NC |
1230 | Please don't e-mail Raphael with problems, as he no longer works on |
1231 | Storable, and your message will be delayed while he forwards it to us. | |
7a6a85bf RG |
1232 | |
1233 | =head1 SEE ALSO | |
1234 | ||
c261f00e | 1235 | L<Clone>. |
7a6a85bf RG |
1236 | |
1237 | =cut |