[perl5.git] / dist / Storable / t / CVE-2015-1592.t

#!/usr/bin/perl

use strict;
use warnings;
use Test::More;
use Storable qw(freeze thaw);
plan tests => 1;

# this original worked with the packaged exploit, but that
# triggers virus scanners, so test for the behaviour instead
my $x = bless \(my $y = "mt-config.cgi"), "CGITempFile";

my $frozen = freeze($x);

{
    my $warnings = '';
    local $SIG{__WARN__} = sub { $warnings .= "@_" };
    thaw($frozen);
    like($warnings, qr/SECURITY: Movable-Type CVE-2015-1592 Storable metasploit attack/,
         'Detect CVE-2015-1592');
}
Commit	Line	Data
fc10c8b7 RU	1	#!/usr/bin/perl
	2
	3	use strict;
fb5f378b	4	use warnings;
fc10c8b7	5	use Test::More;
fb5f378b	6	use Storable qw(freeze thaw);
fc10c8b7 RU	7	plan tests => 1;
fc10c8b7 RU	8
fb5f378b TC	9	# this original worked with the packaged exploit, but that
	10	# triggers virus scanners, so test for the behaviour instead
	11	my $x = bless \(my $y = "mt-config.cgi"), "CGITempFile";
	12
	13	my $frozen = freeze($x);
fc10c8b7	14
fc10c8b7	15	{
fb5f378b TC	16	my $warnings = '';
	17	local $SIG{__WARN__} = sub { $warnings .= "@_" };
	18	thaw($frozen);
	19	like($warnings, qr/SECURITY: Movable-Type CVE-2015-1592 Storable metasploit attack/,
	20	'Detect CVE-2015-1592');
fc10c8b7	21	}