Never trust your data

Dieser Post wurde aus meiner alten WordPress-Installation importiert. Sollte es Darstellungsprobleme, falsche Links oder fehlende Bilder geben, bitte einfach hier einen Kommentar hinterlassen. Danke.

substr outside of string at My/Module.pm line 425.

My sub is walking through a string in a loop and shouldn't run a length() call on the string for every single loop iteration. Easy solution: Run the length() call once and store the result in a variable - a typical memory-to-speed conversion.

Another variable will hold the current position within the string, a for my $pos (1..length($string)) won't work, because the script processes the string in variable sized blocks.

my $strlen = length($string);my $pos = 0;while ($pos < $strlen) {

Here is the complaining line 425 and the two lines above:

 my $num_len = $strlen - $pos; $num_len = 10 if $num_len > 10; my $part = substr($string, $pos, $num_len);

But the warning is still firing - why? I tried many samples, here is one: $strlen = 40, $pos = 30, resulting $num_len will be 10 - which is correct.

It took a long time until I replayed a complete run (which isn't easy for this module) with many debug statements (prints) and it turned out, that

• $strlen was 40 (which sounds good for the test case)
• $pos was 152 (which is impossible if $strlen is 40)
• $num_len was -112 (which is correct math, but invalid for this substr call here, because it should never get any chars from the end of the string)

I added a simple check after every $pos change:

return if $pos > $strlen;

Never ever trust any variable value if something is going wrong. I was sure that $pos has the correct position until I tried to proof this.