On 7/14/15 16:04 , Sammy Kaye Powers wrote:
Hello lovely PHP nerds,
There are two open PR's for PHP7 to modify the behavior of the CSPRNG's:
https://github.com/php/php-src/pull/1397 (main discussion)
https://github.com/php/php-src/pull/1398
Currently the random_*() functions will issue a warning and return false if
a good source of random cannot be found. This is a potential security hole
in the event the RNG fails and returns false which gets evaluated as 0 in a
cryptographic context.
On the surface, this sounds like a good thing. Although, I question that
if a user is not checking $result === false, then will they end up just
wrapping this in an empty try/catch so their code does not fail? There
is a mechanism to detect the error now.
I question why the cryptographic functions would not force an integer to
be passed. Those should not accept a boolean and evaluate it as false. I
am not sure what functions you are talking about though. Maybe 3rd party
user land code? Accepting a boolean in those cases is a bug in that code
IMO.
--
Brian.
--------
http://brian.moonspot.net/
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
