search

rschupp / PAR-Packer

(perl) Generate stand-alone executables, perl scripts and PAR files https://metacpan.org/pod/PAR::Packer
Other
48 stars 13 forks source link

Executable on Linux with GLIBC 2.12 corrupting #11

Closed scampbell123 closed 5 years ago

scampbell123 commented 5 years ago

I have a linux binary (compiled with simply "pp -x -o file_out.bin file_in.pl") that runs every 5 minutes.
On systems running GLIBC2.17, I have no issues. However, since I need to support some older RHEL6 boxes, I have to compile this perl script on a box with GLIBC2.12. The built file will run for a few days, or a day, then corrupt itself, changing it's size from about 7MB down to 2.9MB. I can't find a reason for this, and don't know why the file would ever try to update itself on execution. I'm wondering if anyone else has run into anything like this. I've been using pp for years, and never seen this.

rschupp commented 5 years ago

I have to compile this perl script on a box with GLIBC2.12

Just to be clear: you built PAR::Packer on this GLIBC2.12 box and then pp'ed your script there?

corrupt itself, changing it's size from about 7MB down to 2.9MB

Is there a virus scanner at work? In fact, someone doing a "strip" on the executable would probably have the same effect. The reason is that an executable generated by pp is a "real" executable (essentially parl) with "stuff" (e.g. a zip file) appended to it. But this "stuff" is not registered as an ELF section of the executable.

scampbell123 commented 5 years ago

Hi, thanks for the quick reply. Yes, I built PAR::Packer on the GLIBC2.12 box. I also built my perl script with pp on that same box. I then take that compiled perl executable and put it on other RHEL6 boxes running GLIBC2.12.

I first thought it was AV on linux, but cannot find any trace of AV anywhere. SELinux is also disabled. Thanks for helping me understand the makeup of the resulting executable. That is helpful.

I'm still trying to track down what the cause is. Yesterday I did a "chmod a-w FILENAME" to remove WRITE capability from even root on the executable. So far, that has stopped the corruption. But I'd sure like to find the underlying issue.

The only commonality I can find is that the binaries getting corrupted are on RHEL6, GLIBC2.12 boxes. All of my RHEL7/CENTOS7 boxes with higher GLIBC are fine.

I'll continue to research and let you know if I find anything.

scampbell123 commented 5 years ago

Issue resolved!

The culprit was the Linux PRELINK program ((https://linux.die.net/man/8/prelink). I had never heard of it or used it before. Turns out it was trying to be smart and modify any PERL compiled apps for better library linking. Once I excluded my compiled PERL code from the PRELINK config, problems went away.

scampbell123 commented 5 years ago

I'll now close this out as it is most certainly is not a PAR issue.