One of my job's regular tasks involves fixing bugs in a tool implemented as a few dozen programs/modules in various scripting languages, tied together with bash/make. The scripts are piped together, execute each other (Perl backticks galore, see snippet below) and do all sorts of other weird I/O shit, so it is best to watch your step around there.
[code]representative snippet of code:
cat $somefile | somecode.sh
;[/code]
Today I was supposed to make a fix in one of the Perl modules. I started by grepping the entire source against the Perl module's name. I see it mentioned in a Python script I'm not familiar with, so I look inside to check what the dependency is about:
- The author (let's call him Dave) opens up the Perl module file for reading - ok.
- Then Dave runs every line of the Perl source file through a regex match - right, makes sense.
- Then he ... Wait, what?!
Apparently, while writing a Python program, Dave needed configuration data hardcoded in a hash inside the Perl module. He thought:
- Why not write a mini regex Perl parser and just fetch it directly from the source?
- The required data is conveniently kept in an inline hash definition, one key/value pair per line, so this will be super-easy!
The best part is that the Python code doesn't check where that particular hash definition starts and ends. It just accepts any line matching /\s*(\w+)\s*=>\s*'(\w+)',/, so it will happily slurp any other inline-defined hashes from the Perl module.
Cthulhu help me.
Also: good evening, everyone.