Security Advisories (1)

CVE-2025-40909 (2025-05-30)

Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any third (or more) thread already running. This may lead to unintended operations such as loading code or accessing files from unexpected locations, which a local attacker may be able to exploit. The bug was introduced in commit 11a11ecf4bea72b17d250cfb43c897be1341861e and released in Perl version 5.13.6

NAME

Test2::Tools::Grab - Temporarily intercept all events without adding a scope level.

DESCRIPTION

This package provides a function that returns an object that grabs all events. Once the object is destroyed events will once again be sent to the main hub.

SYNOPSIS

use Test2::Tools::Grab;

my $grab = grab();

# Generate some events, they are intercepted.
ok(1, "pass");
ok(0, "fail");

my $events_a = $grab->flush;

# Generate some more events, they are intercepted.
ok(1, "pass");
ok(0, "fail");

my $events_b = $grab->finish;

EXPORTS

$grab = grab()

This lets you intercept all events for a section of code without adding anything to your call stack. This is useful for things that are sensitive to changes in the stack depth.

my $grab = grab();
    ok(1, 'foo');
    ok(0, 'bar');

my $events = $grab->finish;

is(@$events, 2, "grabbed 2 events.");

If the $grab object is destroyed without calling finish(), it will automatically clean up after itself and restore the parent hub.

{
    my $grab = grab();
    # Things are grabbed
}
# Things are back to normal

By default the hub used has no_ending set to true. This will prevent the hub from enforcing that you issued a plan and ran at least 1 test. You can turn enforcement back one like this:

$grab->hub->set_no_ending(0);

With no_ending turned off, finish will run the post-test checks to enforce the plan and that tests were run. In many cases this will result in additional events in your events array.

SOURCE

The source code repository for Test2 can be found at https://github.com/Test-More/test-more/.

MAINTAINERS

Chad Granum <exodist@cpan.org>

AUTHORS

Chad Granum <exodist@cpan.org>

COPYRIGHT

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

See http://dev.perl.org/licenses/

To install less, copy and paste the appropriate command in to your terminal.

cpanm

cpanm less

CPAN shell

perl -MCPAN -e shell
install less

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)