C::Blocks Advent Day 1

In the tradition of the Perl Advent Calendar, I have decided to write an Advent Calendar for C::Blocks, which is in pre-Beta. My plan is to release a new treat each day about the C::Blocks library. Today we will begin with the basics: what it is and how it works.

Perl 5 Porters Mailing List Summary: November 21st-30th

Hey everyone,

Following is the p5p (Perl 5 Porters) mailing list summary for the past week and a half.


meta::hack Wrap-up Report

We had a great four days at meta::hack a couple of weeks ago. I've tried to briefly summarize what we accomplished.

Introducing Net::ACME

I’ve recently finished porting cPanel’s implementation of Let’s Encrypt’s ACME (Automatic Certificate Management Envirionment) protocol to a new CPAN module, Net::ACME.

Net::ACME offers a number of attractive features:

- It’s based closely on cPanel’s widely used Let’s Encrypt plugin.

- Memory usage is light: no Moose/Moo/etc.

- It can run in pure Perl, as long as you have an OpenSSL binary. (Otherwise, it needs Crypt::OpenSSL::RSA.)

- Thorough error checking—even Perl calling context!

- Errors are represented as typed, queryable exceptions. (The framework includes its own exception class hierarchy.)

- It’s “global clean”: no careless overwriting of variables like $@, $!, $?, etc.

The object hierarchy also closely mirrors ACME’s own object hierarchy: separate classes exist to represent ACME registrations, authorizations, challenges, and certificates.

The distribution includes example scripts that demonstrate usage of the module and should also give a good feel for the protocol itself.

I hope it’s useful!

Backticks and tests in Perl 6

Perl was created for systems administration, and Perl 6 has all the chops you've come to expect from the brand. Here I needed to use MD5 checksums from my collaborator to verify that I downloaded all their data without errors. Each data "$file" has an accompanying "$file.md5" that looks like this:

$ cat HOT232_1_0770m/prodigal.gff.md5
a36e4adfaa62cc4adb8cea44c4f7825f  HOT232_1_0770m/prodigal.gff

So I need to read the contents of this file, get just the first field, then execute my local "md5" (or "md5sum") program on the file without the ".md5" extension and determine if they are the same. All standard stuff, and I think Perl 6 gives us elegant ways to accomplish all of these, including a dead-simple testing framework. Here's my solution:

Security release - use after free in DBD::mysql when using prepared statements

DBD::mysql is the perl DBI driver for MySQL and the primary way Perl applications and scripts access MySQL and MariaDB databases. The source repository is at https://github.com/perl5-dbi/DBD-mysql.

A vulnerability was discovered that can lead to a use after free when using prepared statements. This vulnerability is present in all releases at least back to versions 3.0 of the driver, which were released in 2005.

The CVE identifier for this vulnerability is CVE-2016-1251.

Version 4.041, including the fix for this vulnerability, is available on CPAN at https://metacpan.org/pod/DBD::mysql

Users of DBD::mysql with prepared statements are advised to patch their installations as soon as possible.

Many thanks to Pali Rohár for discovering and fixing the vulnerability.

The DBD::mysql maintainers, Patrick Galbraith Michiel Beijen

Shadertoy progress - playlists

The last two weeks, I didn't do much programming with OpenGL and GLSL. I used the weekend to catch up with some of the bug reports on Github and made the application more robust against missing input data or broken shaders. The net result is that it now can also cycle through a set of shaders:

Announcing Mojolicious::Plugin::Routes::Restful

Have Hash Get Routes

One of my long standing mental code blocks has been trying to get me little brain to understand what a 'Route' is. This really came to a head when I first started to use Mojolicous in a big way.


You see in the old days it was easy, you just had an URL that pointed to something and you could either get or a post to it. It was of course used and abused in all sorts of ways, I still have a browser bookmark that looks like this

http://www.roman-artifacts.com/Armor Fragments  Attachments/Lorica Hamata Armor Fragment/lorica hamata fragment.htm?counter=0111&pox=110103....

So the Web, in all its wisdom, came up with many ways to try to set some sort of standard for data transfer and that eventually morphed into what we all now call Web Services. Which to some looks more like this;


About blogs.perl.org

blogs.perl.org is a common blogging platform for the Perl community. Written in Perl and offering the modern features you’ve come to expect in blog platforms, the site is hosted by Dave Cross and Aaron Crane, with a design donated by Six Apart, Ltd.