check iv length

src/Illuminate/Encryption/Encrypter.php

@@ -206,9 +206,8 @@ protected function getJsonPayload($payload)
      */
     protected function validPayload($payload)
     {
-        return is_array($payload) && isset(
-            $payload['iv'], $payload['value'], $payload['mac']
-        );
+        return is_array($payload) && isset($payload['iv'], $payload['value'], $payload['mac']) &&
+               strlen(base64_decode($payload['iv'], true)) === openssl_cipher_iv_length($this->cipher);
     }
 
     /**