When representing numeric literal values, Perl has a simple rule: integers that are prefixed with one or more leading zeroes are interpreted as octal, and integers with no leading zero are interpreted as decimal.
While simple, this rule is not known among many developers and is not obvious to those unware of it. Consequently, do not prefix an integer with leading zeros. If it is to be interpreted as octal, use the oct() function, which clearly indicates the number to be treated as octal.
my $perm1 = 0644; # noncompliant, octal my $perm2 = "0644"; # noncompliant, decimal my $perm3 = oct(644); # compliant, octal my $perm4 = 644; # compliant, decimal
Risk Assessment
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
INT00-PL | low | probable | medium | P4 | L3 |
Automated Detection
Tool | Diagnostic |
|---|---|
Perl::Critic | ValuesAndExpressions::ProhibitLeadingZeros |
B::Lint | Illegal octal digit.* |
Bibliography
[CPAN] Elliot Shank, Perl-Critic-1.116 ValuesAndExpressions::ProhibitLeadingZeros
[Conway 2005], pg. 58. "Leading Zeroes"
02. Expressions [!CERT Perl
Secure Coding Standard^button_arrow_right.png!|EXP31-PL. Do not use the two-argument form of open()]