http://qs321.pair.com?node_id=819601

tlm has asked for the wisdom of the Perl Monks concerning the following question:

Greetings, monks.

I just spent about an hour figuring out some very puzzling Perl behavior, and I thought I'd post what I found so Google may find it if anyone needs it. (As you'll see, this is not a bug, so a bug report is not in order. It's just bewildering on a first encounter.)

(The description that follows assumes a Unix environment; I can't say how applicable any of it is to Windows.)

If I run

% /usr/bin/perl -de 1
...the Perl debugger starts up as usual, no problem.

If I add the -T flag (thus enabling taint mode), the debugger fails to start:

% /usr/bin/perl -Tde 1 Attempt to reload Carp/Heavy.pm aborted. Compilation failed in require at /usr/share/perl/5.10/Carp.pm line 33. Attempt to reload Carp/Heavy.pm aborted. Compilation failed in require at /usr/share/perl/5.10/Carp.pm line 33.

(Of course, here I'm running perl -Tde 1 only as an illustration. In practice one would run more interesting code under -Td.)

I'll spare you the description of all the trials I went through to finally fix this. I'll just cut to the chase and reveal that the culprit is the debugger configuration file ~/.perldb. Even an empty ~/.perldb file is enough to scuttle a run of perl -Td.

Curiously enough, having a ./.perldb file in your current directory is enough to bypass the exception. I think the reason for this is that a ./.perldb masks ~/.perldb, and furthermore, perl does not need to consult the value the environment variable $HOME to determine its location. So, in fact, the real reason for the error seems to be the reading in of a file accessed via a tainted path. By the same token, running perl -Td in your $HOME directory also bypasses the problem, because then ~/.perldb is accessed as if it where any other "local" ~/.perldb file.

In retrospect, it all makes sense, but still, it's unfortunate that the error message that ultimately gets emitted has so little to do with the actual cause of the error.

The take-home message is that the perl debugger runs uneasily under taint mode, and may fail in cryptic ways because of this. In particular, anything that involves %ENV at startup is a potential source of trouble.

Cheers,

the lowliest monk