Security Advisories (1)

CVE-2025-40909 (2025-05-30)

Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any third (or more) thread already running. This may lead to unintended operations such as loading code or accessing files from unexpected locations, which a local attacker may be able to exploit. The bug was introduced in commit 11a11ecf4bea72b17d250cfb43c897be1341861e and released in Perl version 5.13.6

NAME

Test2::Tools::Exception - Test2 based tools for checking exceptions

DESCRIPTION

This is the Test2 implementation of code used to test exceptions. This is similar to Test::Fatal, but it intentionally does much less.

SYNOPSIS

use Test2::Tools::Exception qw/dies lives/;

like(
    dies { die 'xxx' },
    qr/xxx/,
    "Got exception"
);

ok(lives { ... }, "did not die") or note($@);

EXPORTS

All subs are exported by default.

$e = dies { ... }

This will trap any exception the codeblock throws. If no exception is thrown the sub will return undef. If an exception is thrown it will be returned. This function preserves $@, it will not be altered from its value before the sub is called.

$bool = lives { ... }

This will trap any exception thrown in the codeblock. It will return true when there is no exception, and false when there is. $@ is preserved from before the sub is called when there is no exception. When an exception is trapped $@ will have the exception so that you can look at it.

$bool = try_ok { ... }

$bool = try_ok { ... } "Test Description"

This will run the code block trapping any exception. If there is no exception a passing event will be issued. If the test fails a failing event will be issued, and the exception will be reported as diagnostics.

Note: This function does not preserve $@ on failure, it will be set to the exception the codeblock throws, this is by design so that you can obtain the exception if desired.

DIFFERENCES FROM TEST::FATAL

Test::Fatal sets $Test::Builder::Level such that failing tests inside the exception block will report to the line where exception() is called. I disagree with this, and think the actual line of the failing test is more important. Ultimately, though Test::Fatal cannot be changed, people probably already depend on that behavior.

SOURCE

The source code repository for Test2-Suite can be found at https://github.com/Test-More/test-more/.

MAINTAINERS

Chad Granum <exodist@cpan.org>

AUTHORS

Chad Granum <exodist@cpan.org>

COPYRIGHT

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

See http://dev.perl.org/licenses/

To install less, copy and paste the appropriate command in to your terminal.

cpanm

cpanm less

CPAN shell

perl -MCPAN -e shell
install less

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)