This is a live mirror of the Perl 5 development currently hosted at https://github.com/perl/perl5
https://perl5.git.perl.org / perl5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 182bc98)
Warn against tmpfile, and mention perlclib.
authorJarkko Hietaniemi <jhi@iki.fi>
Sun, 20 Jul 2014 13:10:27 +0000 (09:10 -0400)
committerJarkko Hietaniemi <jhi@iki.fi>
Sun, 20 Jul 2014 13:10:27 +0000 (09:10 -0400)
pod/perlhacktips.pod patch | blob | blame | history

diff --git a/pod/perlhacktips.pod b/pod/perlhacktips.pod
index 5cd04e4..c673dde 100644 (file)
--- a/pod/perlhacktips.pod
+++ b/pod/perlhacktips.pod
@@ -581,6 +581,7 @@ snprintf() - the return type is unportable.  Use my_snprintf() instead.
 =head2 Security problems
 
 Last but not least, here are various tips for safer coding.
+See also L<perlclib> for libc/stdio replacements one should use.
 
 =over 4
 
@@ -592,6 +593,12 @@ Or we will publicly ridicule you.  Seriously.
 
 =item *
 
+Do not use tmpfile()
+
+Use mkstemp() instead.
+
+=item *
+
 Do not use strcpy() or strcat() or strncpy() or strncat()
 
 Use my_strlcpy() and my_strlcat() instead: they either use the native
Unnamed repository; edit this file 'description' to name the repository.