PerlMonks  

Re^2: Installation of Storable 3.11 fails due to antivirus removing test data

by Lotus1 (Vicar)
on Jan 29, 2019 at 03:47 UTC ( [id://1229103]=note )


in reply to Re: Installation of Storable 3.11 fails due to antivirus removing test data
in thread Installation of Storable 3.11 fails due to antivirus removing test data

Before I posted I suspected the temp file so I tested it. I modified the test file to print the temp file location to STDERR and turned off the CLEANUP option in tempdir(CLEANUP => 1). I then ran the install again and found the 'sploit' file in the temp folder. That wasn't the problem.

The file "t/CVE-2015-1592.inc" is one of the files included with the module in the test folder. It is being deleted by the Antivirus scanner as soon as it is copied to the hard drive. When "t/CVE-2015-1592.t" runs it attempts to run the inc file with Perl (actually $^X) but it isn't there so Perl complains with the "Can't open Perl script [...]" I posted in the OP. Normally, the test runs the inc file, which contains the exploit code, and outputs the result to sploit. It then checks the contents of the sploit file for the warning that Storable is supposed to produce when it detects the exploit.

Replies are listed 'Best First'.
Re^3: Installation of Storable 3.11 fails due to antivirus removing test data
by syphilis (Archbishop) on Jan 29, 2019 at 04:52 UTC
    The file "t/CVE-2015-1592.inc" is one of the files included with the module in the test folder. It is being deleted by the Antivirus scanner as soon as it is copied to the hard drive

    Your AV software is committed to sabotaging the test.
    If you want to install version 3.11, I can see only 2 options - either you disable the AV software, or you force install Storable-3.11.
    I guess a third option is to modify t/CVE-2015-1592.t to be skipped if t/CVE-2015-1592.inc is missing.

    The version of Storable that ships with current blead is 3.14 and, although it contains a test file named t/CVE-2015-1592.t, there's no sign of CVE-2015-1592.inc.
    Perhaps its removing of CVE-2015-1592.inc is in response to the very problem you are experiencing.

    I don't know why Storable-3.14 is not available separately.

    I guess another option is to grab that source from blead source (it's in the 'dist' directory) and see how it goes - or even update your perl to the latest devel version of 5.29.7.
    Perl-5.29.7 is proving to be very serviceable for me on Windows 7. It's just a matter of whether you're prepared to build it and use it.

    Cheers,
    Rob

      Rob, Thanks for the suggestions. The force install seems like my best option for this.

      To confirm what you suspected about the Metasploit code being removed from the test suite I found the following on Github in the Perldelta notes for Storable:

      =item * L<Storable> has been upgraded from version 3.13 to 3.14. Storable no longer probes for recursion limits at build time. [perl #133708] and others. Metasploit exploit code was included to test for CVE-2015-1992 detection, this caused anti-virus detections on at least one AV suite. The exploit code has been removed and replaced with a simple functional test. [perl #133706]
        I found the following on Github in the Perldelta notes for Storable

        Thanks for going to the trouble of finding that, and also for reporting back about it.

        I do think that, having fixed the problem, 3.14 ought to have been made more readily available.
        I guess, however, that Storable is rarely installed separately, as it's part of the perl core.

        Cheers,
        Rob

      I agree with this. Disable your antivirus software (which you probably cannot do), or file a report with IT suggesting their AV software is preventing you from getting your job done, or install with --force (or whatever the option is called for your cpan installer). Force install allows for installation even if the tests fail. You know the tests will fail, but assume that things are probably ok anyway.

      The other alternative is to download and extract the tarball, then make, make test, verify that the only failure is the one you believe you can live with, and then make install.


      Dave
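
The last suggestion in the thread (make, make test, verify that the only failure is the one you can live with, then make install) can be checked mechanically instead of by eye. The script below is an added example, not code from the thread or from the Storable distribution. It assumes it is run from the unpacked distribution directory after make; the allow-list and the blib paths are assumptions of the example.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use TAP::Harness;

# Failures we are prepared to accept. The file name is the one from the thread;
# the allow-list itself is an assumption of this example.
my %accepted = map { $_ => 1 } ('t/CVE-2015-1592.t');

my @tests = sort glob 't/*.t';
die "No t/*.t files here; run from the unpacked distribution after make\n"
    unless @tests;

my $harness = TAP::Harness->new({
    lib       => [ 'blib/lib', 'blib/arch' ],  # load the freshly built module
    verbosity => -1,                           # quieter per-test output
});
my $aggregate = $harness->runtests(@tests);

# In list context each of these returns the names of the affected test files:
# failed assertions, malformed TAP, non-zero exit status, non-zero wait status.
my %bad;
for my $name ($aggregate->failed, $aggregate->parse_errors,
              $aggregate->exit,   $aggregate->wait) {
    (my $norm = $name) =~ tr{\\}{/};           # normalise Windows separators
    $bad{$norm} = 1;
}

my @unexpected = sort grep { !$accepted{$_} } keys %bad;
my @not_seen   = sort grep { !$bad{$_} }      keys %accepted;

# An accepted failure that did not happen means the test data was not removed.
print "Accepted failure did not occur: $_\n" for @not_seen;

if (@unexpected) {
    print "Unexpected failure: $_\n" for @unexpected;
    print "Do not install.\n";
    exit 1;
}
print "Only accepted failures (or none) occurred; 'make install' is reasonable.\n";
exit 0;
```

A non-zero exit status means some test other than the allow-listed one failed, so a forced install would be hiding a real problem.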
