Attack of the Killer Bugs!

Perl is without doubt a very complicated programming language. The tiniest typo can yield an error message that scientists could spend years decoding. However, what most people don’t know is that Perl offers facilities that are specifically designed to eliminate the most common errors.

There are thousands of things you can do to squash bugs, but here I’m going to highlight the three most effective tips. You have to be prepared to change your coding style a tiny bit, but it’s absolutely necessary that you use Perl’s built-in bug-finding features in your code: it’s this that separates the beginners from the professionals.

Even if you think your current style is working for you, step back and think about it. Do you spend hours on each bug? Do you dream of squashing bugs in your sleep, only because you don’t have time to seek and destroy them all during the day? If so, you’re a prime candidate for these tips. Don’t simply read this article — act on it. And if you’re a Perl wiz, there’s always room for improvement, isn’t there?

Choose Your Editor Wisely

Not all code editors are equal. Some are simply text editors, like Notepad. Some incorporate syntax highlighting, but not much else. Some balance speed and amenities. And others seem to suffer from feature overload.

You have to choose carefully. An editor without syntax highlighting will give you a large disadvantage. Syntax highlighting shows whether you’ve completed parentheses, quotes, and any other types of delimiting characters. Quoting errors are nearly impossible to make with the right editor, but they can plague you if you choose to use Notepad or a similar editor.

Syntax highlighting isn’t the only feature you need to look for in an editor. Check for the ability:

  • to open multiple files,
  • to change fonts,
  • to automatically indent, and
  • to match braces (to highlight the opening brace when you close a block of code).

The right editor is, by far, more important than anything else when it comes to programming correctly. There are so many possible errors that editors can prevent, that it’s pointless to attempt decent code using a program that’s outdated or low on functionality.

use strict;

The Perl "strict" pragma, as it’s called, is a file that tells Perl to be pickier about your code. A picky Perl will warn you when it sees anything that is potentially an error. You might find that strict prevents you from writing your code the way you’re used to — it’ll certainly seem that way at first.

To give your program the benefit of strictness, simply add use strict; to the top, after any #!/usr/bin/perl lines, but before any other code. So your code should look something like this:

#!/usr/bin/perl  # weather.pl by Perl F. Anatic  use strict;

The major rule that strict enforces is the explicit declaration of variables. No longer can you simply start using a variable, as you will now need to tell Perl about it beforehand. This entails using my, as seen below.

my $fruit = fruit_of_the_day();

Normally, this would have been written as the following.

$fruit = fruit_of_the_day();

Why is it advantageous to use this new style? Strict is good because it makes it impossible to misspell a variable name. Well, not impossible, but if you do so, it’ll give you a very clear warning, and prevent you from becoming even more confused. Consider the following example, where the second time we use the @input variable, we misspell it.

my @input = <>;  print join(":", @inpt);

See what we did? The Perl interpreter doesn’t, that’s for sure! It chugs right along through our code, without even the slightest idea that anything is wrong. If we had added use strict; to the top of our Perl code, we would have seen this warning.

Global symbol "@inpt" requires explicit package name at -e line 1.  Execution of -e aborted due to compilation errors.

Because every variable has to be declared before use, and we haven’t told the interpreter about @inpt, it tells us our error. How much easier could coding be? Without these helpful tips from the Perl interpreter, we could have spent hours searching out the cause of our problems. In a file with hundreds of lines (as opposed to this two-line example), it makes finding your bugs exponentially easier.

use warnings;

Another similar helpful tool is Perl’s built-in warnings. Like the strict pragma, they give you advance warning of any quirks that might or might not be errors, but probably are. Again, just like with strict, you can add them to your program by just adding use warnings; to the top. The top of your code file should now look like this, provided that you want to add both strict and warnings.

#!/usr/bin/perl   # weather.pl by Perl F. Anatic   use strict;   use warnings;

But what exactly do these warnings do? They will show you your typing mistakes, for instance, if you try to use = instead of == in an if block, or you try to add a string to a number, like print "fish" + 4;. These might seem like silly mistakes, but they’re really quite common. If you think about the errors you make when you’re debugging, you will find that most of them are "stupid", and that you just weren’t thinking right when you were coding that bit.

Wrapping It All Up

Debugging will always take more time than it should. Whether it takes you twice as much time as coding new features, or it takes you just a few seconds every week (lucky thing!), these tips will drastically reduce the time you spend being frustrated as you search for that errant mistake. With the tools that are available, you have no excuse to not use them!

For every mistake you make, think about how you could have prevented it as soon as you tested your code. Automate the bug fixing that can be automated. Let the Perl interpreter do the dirty work, and leave the tough problems and new features to us humans. Programming is about making software, not bugs!

Links

The use strict; documentation, visit http://perlmonks.org/index.pl?node=strict

For more information on use strict; and warnings, visit use strict; is not Perl and Use strict and warnings.

Replay

Category: perl Time: 2002-04-14 Views: 1
Tags:

Related post

  • Attack of the killer BBs 2006-03-24

    You may have picked this up already but if not, it's time to think about phpBB and security again. A couple of relevant links – Bot Authors Targeting phpBB Forums and phpBB mass hack being prepared?. Without wishing to say anything bad about phpBB, w

  • I am using Ubuntu 12.04 as live desktop CD for banking am I subject to the Heartbleed bug? 2014-04-12

    I am not running any Apache or any thing that triggers ssl libray, so is there a service in Ubuntu that runs Open ssl by default? So, I am just booting live session for internet browser. Am I safe? --------------Solutions------------- Short answer: N

  • Is the Kaminsky bug still a problem for sites without DNSSEC? 2011-11-21

    I have read about the Kaminsky bug, but I don't fully understand how easy it is to use this vulnerability for an attacker. Are DNS-software updated now so it's not that easy to use this vulnerability for an attacker? or does a secure site need to use

  • Windows Server 2003 W3SVC Failing, Brute Force attack possibly the cause 2012-01-31

    This week my website has disappeared twice for no apparent reason. I logged onto my server (Windows Server 2003 Service Pack 2) and restarted the World Web Publishing service, website still down. I tried restarting a few other services like DNS and C

  • Why is the "kill" command called so? 2012-05-30

    Why was it decided to call the kill command "kill"? I mean, yes, this utility is often used to terminate processes, but it can actually be used to send any signal. Isn't it slightly confusing? Maybe there are some historical reasons. All I know

  • How to patch the Heartbleed bug (CVE-2014-0160) in OpenSSL? 2014-04-07

    As of today, a bug in OpenSSL has been found affecting versions 1.0.1 through 1.0.1f (inclusive) and 1.0.2-beta. Since Ubuntu 12.04, we are all vulnerable to this bug. In order to patch this vulnerability, affected users should update to OpenSSL 1.0.

  • How do I recover from the Heartbleed bug in OpenSSL? 2014-04-08

    CVE-2014-0160 a.k.a. Heartbleed is a vulnerability in OpenSSL. It looks scary. How do I determine whether I am affected? If I'm affected, what do I need to do? Apparently upgrading isn't enough. --------------Solutions------------- This vulnerability

  • Would the Heartbleed bug have been prevented if OpenSSL was written in Go/D/Vala? 2014-04-08

    IIUC the Heartbleed vulnerability happens due to a bug in the C source code of OpenSSL, by performing a memcpy() from a buffer that is too short. I'm wondering if the bug would have been prevented automatically in other languages that have higher-lev

  • Unable to reproduce the ShellShock bug locally 2014-10-05

    I have been trying to reproduce the Shellshock bug on my local 14.04 Ubuntu VM without any luck. I know my local bash version is still vulnerable because the following command prints out the commented part: env x='() { :;}; echo vulnerable' bash -c "

  • Protecting phone from the FREAK bug 2015-03-08

    How can I protect my phone from the FREAK bug? Phone is a Samsung GT-S5830 running Gingerbread. --------------Solutions------------- tl;dr Use browsers (e.g. FireFox) that are proven to be not vulnerable to FREAK bug and try to avoid these sites unti

  • What is the keyboard shortcut to paste from the kill menu in Emacs? 2010-08-09

    Using a fresh Ubuntu install of Emacs, what is the keyboard shortcut to paste from the kill menu? Everything else seems to already have a shortcut defined, does this one need a special entry in the .emacs file or does one exist already? -------------

  • Is Your PHP Application Affected by the Y2K38 Bug? 2010-08-24

    I don't want to be too alarmist, but try running the following PHP code on your system: <?php $date = '2040-02-01'; $format = 'l d F Y H:i'; $mydate1 = strtotime($date); echo '<p>', date($format, $mydate1), '</p>'; ?> With luck, you'll s

  • Meet the jQuery Bug Triage Team 2011-01-05

    We have some good news for you jQuery developers! The jQuery Bug fixing team are performing very well and thier stats have been very impressive! An article on the jQuery.com blog Over the past 60 days, the bug triage team has taken an unwieldy hairy

  • How resistant is BitLocker against brute force attacks on the 48 character recovery key? 2011-01-30

    I've read this TechNet blog post, but I still can't determine how secure BitLocker is against a malicious user that attempts to brute force attack the recovery password. Is anyone familiar with this? Also, how about offline brute force attacks agains

  • Is the last step of an iterated cryptographic hash still as resistant to preimage attacks as the original hash? 2011-09-25

    Considering a cryptographic hash, such as MD5 or SHA2, denoted by the function $H(m)$ where $m$ is an arbitrary binary string, there is a lot of material available that deals with potential weakness to preimage attack. I am interested in resistance t

  • How to simulate DDoS attacks from the Internet? 2011-10-12

    The idea behind security tests is easy. You want to know what a hacker can do - you hire a security expert who acts like a hacker to see how far he can get. You want to know what an evil admin can do - your security experts gets admin privileges and

  • Why not use the word bug instead of exception? 2011-11-05

    If we refer to exceptions as bugs, why not just call it a bug in the first place instead of an exception? If in the code it's called exception and as soon as it occurs it's called a bug. Then why not call it a bug in the first place? Thank you for an

  • Access the Ubuntu bug database using launchladlib 2011-11-11

    I'm trying to write a Python script using launchpadlib that can access the Ubuntu bug database, but I can't find any obvious way to restrict the search to the bugs of a particular project/distro. I know I can access bugs using bug_one = launchpad.bug

  • Trouble understanding the Debian bug reporting system 2011-11-24

    I am currently experiencing this bug, except that I'm using the Wheezy/testing netinstaller. Strangely, I used the netinst .iso a few months ago, and everything was fine. So it almost seems as if the same bug keeps creeping back into the system. That

iOS development

Android development

Python development

JAVA development

Development language

PHP development

Ruby development

search

Front-end development

Database

development tools

Open Platform

Javascript development

.NET development

cloud computing

server

Copyright (C) avrocks.com, All Rights Reserved.

processed in 2.800 (s). 13 q(s)