Bug #100750 for Authen-Simple: Perl interpreter crash when installing Auth-Simple-0.5 in t/09password.t (strawberry perl/win32)

Sat Dec 06 14:39:16 2014 MRHORNER [...] cpan.org - Ticket created

Subject:

Perl interpreter crash when installing Auth-Simple-0.5 in t/09password.t (strawberry perl/win32)

Hello there, I am experiencing perl interpreter crash dialogs when trying to update/install Authen::Simple::Passwd which has Auth-Simple as a dependency; It seems to be crashing during the t/09password.t test. For further information about the perl version/output please take a look at the automated reports: http://www.cpantesters.org/cpan/report/9f729629-6fc6-1014-aa23-111fa794d5e7 the code for the failing test can be found here: https://github.com/chansen/p5-authen-simple/blob/master/t/09password.t I'm using cpan-outdated -p | cpanm to install, here is what I see on my console: --> Working on Authen::Simple::Passwd Fetching http://www.cpan.org/authors/id/C/CH/CHANSEN/Authen-Simple-Passwd-0.6.tar.gz ... OK Configuring Authen-Simple-Passwd-0.6 ... OK ==> Found dependencies: Authen::Simple --> Working on Authen::Simple Fetching http://www.cpan.org/authors/id/C/CH/CHANSEN/Authen-Simple-0.5.tar.gz ... OK Configuring Authen-Simple-0.5 ... OK Building and testing Authen-Simple-0.5 ... here is the stack trace from procexplorer: ntdll.dll!ZwWaitForMultipleObjects+0xa KERNELBASE.dll!WaitForMultipleObjectsEx+0xed KERNEL32.DLL!WaitForMultipleObjects+0xf KERNEL32.DLL!WerpLaunchAeDebug+0x2373 KERNEL32.DLL!WerpLaunchAeDebug+0x1d97 KERNELBASE.dll!UnhandledExceptionFilter+0x1c7 ntdll.dll!memset+0xbbf7 ntdll.dll!_C_specific_handler+0x87 ntdll.dll!_chkstk+0x9d ntdll.dll!RtlRaiseException+0xedb ntdll.dll!KiUserExceptionDispatcher+0x2e perl518.dll!Perl_get_context+0x84 perl518.dll!Perl_my_failure_exit+0xc76b perl518.dll!Perl_runops_standard+0x16 perl518.dll!perl_run+0x379 perl518.dll!RunPerl+0x168 perl.exe+0x13d7 perl.exe+0x14f8 KERNEL32.DLL!BaseThreadInitThunk+0xd ntdll.dll!RtlUserThreadStart+0x1d I'm not sure which of the 15 examples is causing the error and not sure how to best resolve the issue without a bit more output from the test. ultimately Authen::Simple::Password->check is the source of the crash, but nothing sticks out to me when reviewing the code. Let me know if you have any thoughts or suggestions, I would love to get this working on win32. https://github.com/chansen/p5-authen-simple/blob/master/lib/Authen/Simple/Password.pm nice work on a great module. --dave http://dave.thehorners.com/tech-talk/random-tech/522-great-lodge-of-the-royal-order-of-yaks-yak-shaving

Sat Dec 06 14:49:44 2014 MRHORNER [...] cpan.org - Correspondence added

On Sat Dec 06 14:39:16 2014, MRHORNER wrote: Show quoted text

> ultimately Authen::Simple::Password->check is the source of the crash, > but nothing sticks out to me when reviewing the code.

I can't say Authen::Simple:Password->check is the only source for the error, it could also be caused by one of the dependencies. Digest::MD5 and Digest::SHA could also be causing the issue during initialization of @tests. I realized that the report did not include version numbers for these modules; So here they are. D:\>cpanm Digest::MD5 Digest::MD5 is up to date. (2.53) D:\>cpanm Digest::SHA Digest::SHA is up to date. (5.93) Thanks again, --dave http://dave.thehorners.com/tech-talk/programming/94-perl-programming

Sat Dec 06 15:08:20 2014 MRHORNER [...] cpan.org - Correspondence added

So it seems the two binary test lines cause the issue: commenting out the two binary tests provide a running test. if I include either of the binary lines, I get a crashed perl interpreter. #[ 'sha', Digest::SHA::sha1('sha'), 'SHA-1 Binary' ], #[ 'md5', Digest::MD5::md5('md5'), 'MD5 Binary' ], ---- #!perl use strict; use warnings; use feature qw(say); use Authen::Simple::Password qw[]; use Digest::MD5 qw[]; use Digest::SHA qw[]; use Test::More tests => 16; use Config; use constant HAVE_CRYPT => $Config{d_crypt}; #[ 'sha', Digest::SHA::sha1('sha'), 'SHA-1 Binary' ], #[ 'md5', Digest::MD5::md5('md5'), 'MD5 Binary' ], my @tests = ( [ 'plain', 'plain', 'plain' ], [ 'crypt', 'lk9Mh5KHGjAaM', 'crypt' ], [ 'md5', '$1$NRe32ijZ$THIS7aDH.e093oDOGD10M/', '$1$' ], [ 'apr1', '$apr1$0yFRBeLR$an6fzRWvbu9jUAo/iHz4Z/', '$apr1$' ], [ 'cleartext', '{CLEARTEXT}cleartext', '{CLEARTEXT}' ], [ 'crypt', '{CRYPT}lk9Mh5KHGjAaM', '{CRYPT}' ], [ 'md5', '{MD5}G8KbNvYjuoKq9nJP07FnGA==', '{MD5}' ], [ 'smd5', '{SMD5}eVWRi45+VqS2Xw4bJPN+SrGfpVg=', '{SMD5}' ], [ 'sha', '{SHA}2PRZAyDhNDqRW2OUFwZQqPNdaSY=', '{SHA}' ], [ 'ssha', '{SSHA}G0v26K+jqUnI1YFtqFxlgcIZBIp/cO9f', '{SSHA}' ], [ 'md5', Digest::MD5::md5_base64('md5'), 'MD5 Base64' ], [ 'md5', Digest::MD5::md5_hex('md5'), 'MD5 Hex' ], [ 'sha', Digest::SHA::sha1_base64('sha'), 'SHA-1 Base64' ], [ 'sha', Digest::SHA::sha1_hex('sha'), 'SHA-1 Hex' ], ); foreach my $t ( @tests ) { say $t->[0], ' ', $t->[1] , ',', $t->[2]; Authen::Simple::Password->check( $t->[0], $t->[1] ); } the output with the two binary test lines commented out: D:\>perl testauth.pl 1..16 plain plain,plain crypt lk9Mh5KHGjAaM,crypt md5 $1$NRe32ijZ$THIS7aDH.e093oDOGD10M/,$1$ apr1 $apr1$0yFRBeLR$an6fzRWvbu9jUAo/iHz4Z/,$apr1$ cleartext {CLEARTEXT}cleartext,{CLEARTEXT} crypt {CRYPT}lk9Mh5KHGjAaM,{CRYPT} md5 {MD5}G8KbNvYjuoKq9nJP07FnGA==,{MD5} smd5 {SMD5}eVWRi45+VqS2Xw4bJPN+SrGfpVg=,{SMD5} sha {SHA}2PRZAyDhNDqRW2OUFwZQqPNdaSY=,{SHA} ssha {SSHA}G0v26K+jqUnI1YFtqFxlgcIZBIp/cO9f,{SSHA} md5 G8KbNvYjuoKq9nJP07FnGA,MD5 Base64 md5 1bc29b36f623ba82aaf6724fd3b16718,MD5 Hex sha 2PRZAyDhNDqRW2OUFwZQqPNdaSY,SHA-1 Base64 sha d8f4590320e1343a915b6394170650a8f35d6926,SHA-1 Hex # No tests run! a step closer..., --dave

Sat Dec 06 15:08:21 2014 MRHORNER [...] cpan.org - Status changed from 'new' to 'open'

Sat Dec 06 15:08:21 2014 MRHORNER [...] cpan.org - Fixed in 0.5 added

Sat Dec 06 15:35:57 2014 MRHORNER [...] cpan.org - Correspondence added

I pruned all but the binary tests and ran a debugger on it. It seems that crypt() does not like binary data. the offending line: return 1 if crypt( $password, $encrypted ) eq $encrypted; $password=sha $encrypted=╪⌠Y♥ ß4:æ[cö↨♠P¿≤]i& I'm not sure on the best solution. It might be enough to place the crypt test as the last test instead of the second test after plain text. This would give the MD5||SHA modules a chance to succeed and return before trying the crypt(). Not sure if we can test to ensure $encrypted is !binary string, since it might be a platform bug and binary string should work in this instance... I'm not sure. documentation doesn't make it clear to me that binary isn't allowed in the $digest. http://perldoc.perl.org/functions/crypt.html ----output from perl -d------ 1..16 main::(testauth.pl:30): my @tests = ( main::(testauth.pl:31): [ 'sha', Digest::SHA::sha1('sha'), 'SHA-1 Binary' ], main::(testauth.pl:32): [ 'md5', Digest::MD5::md5('md5'), 'MD5 Binary' ], main::(testauth.pl:33): ); SetConsoleMode failed, LastError=|6| at C:/strawberry/perl/site/lib/Term/ReadKey.pm line 334. at C:/strawberry/perl/vendor/lib/Term/ReadLine/readline.pm line 1581. readline::readline(" DB<1> ") called at C:/strawberry/perl/vendor/lib/Term/ReadLine/Perl.pm line 11 Term::ReadLine::Perl::readline(Term::ReadLine::Perl=ARRAY(0x269c608), " DB<1> ") called at C:/strawberry/perl/lib/perl5db.pl l ine 7281 DB::readline(" DB<1> ") called at C:/strawberry/perl/lib/perl5db.pl line 1831 DB::_DB__read_next_cmd(undef) called at C:/strawberry/perl/lib/perl5db.pl line 2741 DB::DB called at testauth.pl line 30 DB<1> s main::(testauth.pl:36): foreach my $t ( @tests ) { DB<1> s main::(testauth.pl:37): say $t->[0], ' ', $t->[1] , ',', $t->[2]; DB<1> s sha ╪⌠Y♥ ß4:æ[cö↨♠P¿≤]i&,SHA-1 Binary main::(testauth.pl:38): Authen::Simple::Password->check( $t->[0], $t->[1] ); DB<1> s Authen::Simple::Password::check(C:/strawberry/perl/site/lib/Authen/Simple/Password.pm:12): 12: my ( $class, $password, $encrypted ) = @_; DB<1> s Authen::Simple::Password::check(C:/strawberry/perl/site/lib/Authen/Simple/Password.pm:15): 15: return 1 if $password eq $encrypted; DB<1> s Authen::Simple::Password::check(C:/strawberry/perl/site/lib/Authen/Simple/Password.pm:25): 25: return 1 if crypt( $password, $encrypted ) eq $encrypted; DB<1> p $password sha DB<2> p $encrypted ╪⌠Y♥ ß4:æ[cö↨♠P¿≤]i& DB<3> s Authen::Simple::Password::check(C:/strawberry/perl/lib/Carp.pm:137): <--- Carp SEGV. 137: local($!, $^E);

Sat Dec 06 15:35:58 2014 MRHORNER [...] cpan.org - Given to CHANSEN

Sat Dec 06 15:35:58 2014 MRHORNER [...] cpan.org - Fixed in 0.5 deleted

Thu May 26 16:13:06 2016 MRHORNER [...] cpan.org - Correspondence added

Since these two tests still cause the test and ultimately the installation of this module to fail on windows. I propose that we simply remove these tests from t/09password.t; Removing them from the @tests array and then conditionally adding them back in if we are not on a windows platform should work. if($^O ne 'MSWin32') { push @tests, [ 'sha', Digest::SHA::sha1('sha'), 'SHA-1 Binary' ]; push @tests, [ 'md5', Digest::MD5::md5('md5'), 'MD5 Binary' ]; } This will resolve this ticket as well as https://rt.cpan.org/Ticket/Display.html?id=92158 Which is reporting the same error as this ticket. Thanks. --dave