Skip Menu |

This queue is for tickets about the Archive-Zip CPAN distribution.

Report information
The Basics
Id: 106548
Status: open
Priority: 0/
Queue: Archive-Zip
People
Owner: Nobody in particular
Requestors: ether [...] cpan.org
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: 1.57
Fixed in: (no value)

History Show all quoted text
  Wed Aug 19 19:46:46 2015 ether [...] cpan.org - Ticket created
Subject: consistent failures on travis
I'm not sure if you are aware of this, but this distribution does not install on travis, which affects all downstream tests: example https://s3.amazonaws.com/archive.travis-ci.org/jobs/74656354/log.txt --> Working on Archive::Zip Fetching http://www.cpan.org/authors/id/P/PH/PHRED/Archive-Zip-1.49.tar.gz -> OK Unpacking Archive-Zip-1.49.tar.gz Entering Archive-Zip-1.49 Checking configure dependencies from META.json Checking if you have ExtUtils::MakeMaker 0 ... Yes (7.04) Configuring Archive-Zip-1.49 Running Makefile.PL Checking if your kit is complete... Looks good Generating a Unix-style Makefile Writing Makefile for Archive::Zip Writing MYMETA.yml and MYMETA.json -> OK Checking dependencies from MYMETA.json ... Checking if you have File::Copy 0 ... Yes (2.18) Checking if you have IO::Seekable 0 ... Yes (1.10) Checking if you have IO::File 0 ... Yes (1.14) Checking if you have File::Spec 0.80 ... Yes (3.47) Checking if you have IO::Handle 0 ... Yes (1.28) Checking if you have Compress::Raw::Zlib 2.017 ... Yes (2.024) Checking if you have Test::More 0.88 ... Yes (1.001014) Checking if you have File::Find 0 ... Yes (1.15) Checking if you have File::Temp 0 ... Yes (0.22) Checking if you have File::Path 0 ... Yes (2.08_01) Checking if you have File::Basename 0 ... Yes (2.78) Checking if you have Time::Local 0 ... Yes (1.1901_01) Building and testing Archive-Zip-1.49 cp lib/Archive/Zip/MockFileHandle.pm blib/lib/Archive/Zip/MockFileHandle.pm cp lib/Archive/Zip/MemberRead.pm blib/lib/Archive/Zip/MemberRead.pm cp lib/Archive/Zip/FileMember.pm blib/lib/Archive/Zip/FileMember.pm cp lib/Archive/Zip/BufferedFileHandle.pm blib/lib/Archive/Zip/BufferedFileHandle.pm cp lib/Archive/Zip/StringMember.pm blib/lib/Archive/Zip/StringMember.pm cp lib/Archive/Zip/Tree.pm blib/lib/Archive/Zip/Tree.pm cp lib/Archive/Zip/FAQ.pod blib/lib/Archive/Zip/FAQ.pod cp lib/Archive/Zip/Member.pm blib/lib/Archive/Zip/Member.pm cp lib/Archive/Zip.pm blib/lib/Archive/Zip.pm cp lib/Archive/Zip/Archive.pm blib/lib/Archive/Zip/Archive.pm cp lib/Archive/Zip/ZipFileMember.pm blib/lib/Archive/Zip/ZipFileMember.pm cp lib/Archive/Zip/NewFileMember.pm blib/lib/Archive/Zip/NewFileMember.pm cp lib/Archive/Zip/DirectoryMember.pm blib/lib/Archive/Zip/DirectoryMember.pm cp script/crc32 blib/script/crc32 "/home/travis/perl5/perlbrew/perls/5.12/bin/perl" -MExtUtils::MY -e 'MY->fixin(shift)' -- blib/script/crc32 Manifying 4 pod documents PERL_DL_NONLAZY=1 "/home/travis/perl5/perlbrew/perls/5.12/bin/perl" "-MExtUtils::Command::MM" "-MTest::Harness" "-e" "undef *Test::Harness::Switches; test_harness(0, 'blib/lib', 'blib/arch')" t/*.t t/01_compile.t ................ ok t/02_main.t ................... ok t/03_ex.t ..................... ok t/04_readmember.t ............. ok t/05_tree.t ................... ok t/06_update.t ................. ok t/07_filenames_of_0.t ......... ok t/08_readmember_record_sep.t .. ok t/09_output_record_sep.t ...... ok t/10_chmod.t .................. ok t/11_explorer.t ............... ok t/12_bug_47223.t .............. skipped: Only required on Win32. t/13_bug_46303.t .............. ok t/14_leading_separator.t ...... ok t/15_decrypt.t ................ ok t/16_decrypt.t ................ ok t/17_101092.t ................. ok t/18_bug_92205.t .............. ok t/19_bug_101240.t ............. ok t/20_bug_github11.t ........... ok t/21_zip64.t .................. ok # Failed test 'output zip isn't corrupted' # at t/22_deflated_dir.t line 24. # got: '512' # expected: '0' # Looks like you failed 1 test of 4. t/22_deflated_dir.t ........... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/4 subtests Test Summary Report ------------------- t/22_deflated_dir.t (Wstat: 256 Tests: 4 Failed: 1) Failed test: 4 Non-zero exit status: 1 Files=22, Tests=291, 4 wallclock secs ( 0.10 usr 0.04 sys + 2.88 cusr 0.49 csys = 3.51 CPU) Result: FAIL Failed 1/22 test programs. 1/291 subtests failed. make: *** [test_dynamic] Error 1
  Sun Oct 18 21:50:15 2015 ether [...] cpan.org - Correspondence added
On 2015-08-19 16:46:46, ETHER wrote: Show quoted text
> I'm not sure if you are aware of this, but this distribution does not > install on travis, which affects all downstream tests:
The problem still exists, with the same test failure, in version 1.53. Here is a recent build log: https://s3.amazonaws.com/archive.travis-ci.org/jobs/86105341/log.txt
  Tue Jan 19 16:45:03 2016 ether [...] cpan.org - Correspondence added
On 2015-10-18 18:50:15, ETHER wrote: Show quoted text
> On 2015-08-19 16:46:46, ETHER wrote:
> > I'm not sure if you are aware of this, but this distribution does not > > install on travis, which affects all downstream tests:
> > The problem still exists, with the same test failure, in version 1.53. > > Here is a recent build log: https://s3.amazonaws.com/archive.travis- > ci.org/jobs/86105341/log.txt
Here is another recent build log: https://s3.amazonaws.com/archive.travis-ci.org/jobs/103125841/log.txt Could this be the same issue as described in https://rt.cpan.org/Ticket/Display.html?id=106089 ?
  Tue Jan 19 16:50:36 2016 ether [...] cpan.org - Reference to ticket #106089 added
  Wed Feb 17 01:25:42 2016 ozcoder [...] gmail.com - Correspondence added
From: ozcoder [...] gmail.com
On Tue Jan 19 16:45:03 2016, ETHER wrote: Show quoted text
> On 2015-10-18 18:50:15, ETHER wrote:
> > On 2015-08-19 16:46:46, ETHER wrote:
> > > I'm not sure if you are aware of this, but this distribution does > > > not > > > install on travis, which affects all downstream tests:
> > > > The problem still exists, with the same test failure, in version > > 1.53. > > > > Here is a recent build log: https://s3.amazonaws.com/archive.travis- > > ci.org/jobs/86105341/log.txt
> > > Here is another recent build log: > https://s3.amazonaws.com/archive.travis-ci.org/jobs/103125841/log.txt > > Could this be the same issue as described in > https://rt.cpan.org/Ticket/Display.html?id=106089 ?
Ok, I have finally worked out what is going on. It's actually a bug in that particular version of unzip. There was security bug https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8139 that was sort of fixed in this version, but not quite right. It doesn't allow 0 length field, but the check was wrong. A later version has it fixed correctly. See my non-container Travis run https://travis-ci.org/ozcoder/perl-Archive-Zip/builds/109792014 Gordon
  Wed Feb 17 01:25:42 2016 The RT System itself - Status changed from 'new' to 'open'
  Fri Mar 18 18:25:04 2016 dean [...] fragfest.com.au - Correspondence added
perhaps just skip the test if that version is present? On Wed Feb 17 01:25:42 2016, ozcoder@gmail.com wrote: Show quoted text
> On Tue Jan 19 16:45:03 2016, ETHER wrote:
> > On 2015-10-18 18:50:15, ETHER wrote:
> > > On 2015-08-19 16:46:46, ETHER wrote:
> > > > I'm not sure if you are aware of this, but this distribution does > > > > not > > > > install on travis, which affects all downstream tests:
> > > > > > The problem still exists, with the same test failure, in version > > > 1.53. > > > > > > Here is a recent build log: > > > https://s3.amazonaws.com/archive.travis- > > > ci.org/jobs/86105341/log.txt
> > > > > > Here is another recent build log: > > https://s3.amazonaws.com/archive.travis-ci.org/jobs/103125841/log.txt > > > > Could this be the same issue as described in > > https://rt.cpan.org/Ticket/Display.html?id=106089 ?
> > Ok, I have finally worked out what is going on. It's actually a bug in > that particular version of unzip. There was security bug > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8139 that was > sort of fixed in this version, but not quite right. It doesn't allow 0 > length field, but the check was wrong. A later version has it fixed > correctly. > > See my non-container Travis run https://travis-ci.org/ozcoder/perl- > Archive-Zip/builds/109792014 > > Gordon
  Fri Apr 01 13:52:14 2016 ether [...] cpan.org - Correspondence added
Show quoted text
> > Ok, I have finally worked out what is going on. It's actually a bug in > > that particular version of unzip. There was security bug > > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8139 that was > > sort of fixed in this version, but not quite right. It doesn't allow 0 > > length field, but the check was wrong. A later version has it fixed > > correctly.
On 2016-03-18 15:25:04, djzort wrote: Show quoted text
> perhaps just skip the test if that version is present?
Yes please!!! This would enable the module to install properly on travis, which will unblock *many* broken tests at the moment.
  Fri Apr 01 14:06:55 2016 fred [...] redhotpenguin.com - Correspondence added
Subject: Re: [rt.cpan.org #106548] consistent failures on travis
Date: Fri, 01 Apr 2016 18:06:27 +0000
To: bug-Archive-Zip [...] rt.cpan.org
From: Fred Moyer <fred [...] redhotpenguin.com>
1.57 is off to cpan with these changes On Fri, Apr 1, 2016, 10:52 AM Karen Etheridge via RT < bug-Archive-Zip@rt.cpan.org> wrote: Show quoted text
> Queue: Archive-Zip > Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=106548 > >
> > > Ok, I have finally worked out what is going on. It's actually a bug in > > > that particular version of unzip. There was security bug > > > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8139 that was > > > sort of fixed in this version, but not quite right. It doesn't allow 0 > > > length field, but the check was wrong. A later version has it fixed > > > correctly.
> > On 2016-03-18 15:25:04, djzort wrote:
> > perhaps just skip the test if that version is present?
> > Yes please!!! This would enable the module to install properly on travis, > which will unblock *many* broken tests at the moment. >
  Fri Apr 01 15:47:52 2016 ether [...] cpan.org - Correspondence added
On 2016-04-01 11:06:55, fred@redhotpenguin.com wrote: Show quoted text
> 1.57 is off to cpan with these changes
Appreciated! Alas, however, tests still fail... https://s3.amazonaws.com/archive.travis-ci.org/jobs/119989523/log.txt
  Mon Apr 04 07:59:44 2016 REHSACK [...] cpan.org - Correspondence added
Yes, even with recent release, Travis tests still fail - see https://travis-ci.org/perl5-utils/MIME-Base32/jobs/120585903#L291
  Mon Apr 04 11:37:12 2016 exodist7 [...] gmail.com - Correspondence added
On Mon Apr 04 04:59:44 2016, REHSACK wrote: Show quoted text
> Yes, even with recent release, Travis tests still fail - see > https://travis-ci.org/perl5-utils/MIME-Base32/jobs/120585903#L291
I will add that this last release actually seems to have made it worse. Before the last release my testing always worked. The last release has changed that breaking my testing with the same error mentioned in this ticket.
  Mon Apr 04 11:41:17 2016 fred [...] redhotpenguin.com - Correspondence added
Subject: Re: [rt.cpan.org #106548] consistent failures on travis
Date: Mon, 04 Apr 2016 15:40:17 +0000
To: bug-Archive-Zip [...] rt.cpan.org
From: Fred Moyer <fred [...] redhotpenguin.com>
Thoughts on reverting this change and releasing the previous version? I know very little about Travis, so I can't speak to what might resolve this. On Mon, Apr 4, 2016, 8:37 AM Chad Granum via RT <bug-Archive-Zip@rt.cpan.org> wrote: Show quoted text
> Queue: Archive-Zip > Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=106548 > > > On Mon Apr 04 04:59:44 2016, REHSACK wrote:
> > Yes, even with recent release, Travis tests still fail - see > > https://travis-ci.org/perl5-utils/MIME-Base32/jobs/120585903#L291
> > > I will add that this last release actually seems to have made it worse. > Before the last release my testing always worked. The last release has > changed that breaking my testing with the same error mentioned in this > ticket. >
  Tue Apr 05 15:41:31 2016 SREZIC [...] cpan.org - Correspondence added
On 2016-04-04 11:41:17, fred@redhotpenguin.com wrote: Show quoted text
> Thoughts on reverting this change and releasing the previous version? > I > know very little about Travis, so I can't speak to what might resolve > this.
I don't think that travis does something special, probably the same failure may be seen on the same OS travis is using (Ubuntu something?). BTW, the same failure happens also on other systems, most notably freebsd and netbsd: http://matrix.cpantesters.org/?dist=Archive-Zip+1.57 Show quoted text
> > On Mon, Apr 4, 2016, 8:37 AM Chad Granum via RT <bug-Archive- > Zip@rt.cpan.org> > wrote: >
> > Queue: Archive-Zip > > Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=106548 > > > > > On Mon Apr 04 04:59:44 2016, REHSACK wrote:
> > > Yes, even with recent release, Travis tests still fail - see > > > https://travis-ci.org/perl5-utils/MIME-Base32/jobs/120585903#L291
> > > > > > I will add that this last release actually seems to have made it > > worse. > > Before the last release my testing always worked. The last release > > has > > changed that breaking my testing with the same error mentioned in > > this > > ticket. > >
  Sat Jun 04 08:37:02 2016 SREZIC [...] cpan.org - Broken in 1.57 added
  Mon Jun 06 14:47:17 2016 ether [...] cpan.org - Correspondence added
RT-Send-CC: ozcoder [...] gmail.com, fred [...] redhotpenguin.com
On 2016-03-18 15:25:04, djzort wrote: Show quoted text
> perhaps just skip the test if that version is present?
Show quoted text
> > Ok, I have finally worked out what is going on. It's actually a bug in > > that particular version of unzip. There was security bug > > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8139 that was > > sort of fixed in this version, but not quite right. It doesn't allow 0 > > length field, but the check was wrong. A later version has it fixed > > correctly. > > > > See my non-container Travis run https://travis-ci.org/ozcoder/perl- > > Archive-Zip/builds/109792014
Can this be tested in a -TRIAL release?
  Tue Apr 18 16:35:39 2017 ether [...] cpan.org - Correspondence added
On 2016-06-06 11:47:17, ETHER wrote: Show quoted text
> On 2016-03-18 15:25:04, djzort wrote:
> > perhaps just skip the test if that version is present?
>
> > > Ok, I have finally worked out what is going on. It's actually a bug in > > > that particular version of unzip. There was security bug > > > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8139 that was > > > sort of fixed in this version, but not quite right. It doesn't allow 0 > > > length field, but the check was wrong. A later version has it fixed > > > correctly. > > > > > > See my non-container Travis run https://travis-ci.org/ozcoder/perl- > > > Archive-Zip/builds/109792014
> > Can this be tested in a -TRIAL release?
ping! would it be possible to bypass tests if a buggy zip install is detected?