#!/usr/bin/perl
use strict;
+use warnings;
use Test::More;
+use Storable qw(freeze thaw);
plan tests => 1;
-use File::Temp qw(tempdir);
-use File::Spec;
-my $tmp_dir = tempdir(CLEANUP => 1);
-my $tmp_file = File::Spec->catfile($tmp_dir, 'sploit');
+# this original worked with the packaged exploit, but that
+# triggers virus scanners, so test for the behaviour instead
+my $x = bless \(my $y = "mt-config.cgi"), "CGITempFile";
+
+my $frozen = freeze($x);
-my $file = __FILE__;
-$file =~ s/\.t$/.inc/;
-my $inc = $ENV{PERL_CORE} ? "-Ilib -I../../lib" : "-I".join(" -I", @INC);
-system qq($^X $inc -w "$file" 2>$tmp_file);
-open(my $fh, "<", $tmp_file) or die "$tmp_file $!";
{
- local $/;
- my $err = <$fh>;
- like($err, qr/SECURITY: Movable-Type CVE-2015-1592 Storable metasploit attack/,
- 'Detect CVE-2015-1592');
+ my $warnings = '';
+ local $SIG{__WARN__} = sub { $warnings .= "@_" };
+ thaw($frozen);
+ like($warnings, qr/SECURITY: Movable-Type CVE-2015-1592 Storable metasploit attack/,
+ 'Detect CVE-2015-1592');
}
https://perl5.git.perl.org / perl5.git / blobdiff