From fb732b1f1d6ad44fae6eb820f78f2215a5b52882 Mon Sep 17 00:00:00 2001 From: SammyK Date: Tue, 7 Jul 2015 13:13:12 -0500 Subject: [PATCH 1/3] Prep for new error conditions --- ext/standard/random.c | 1 + 1 file changed, 1 insertion(+) diff --git a/ext/standard/random.c b/ext/standard/random.c index cc15012c20a6c..453c499b4ecae 100644 --- a/ext/standard/random.c +++ b/ext/standard/random.c @@ -24,6 +24,7 @@ #include #include "php.h" +#include "zend_exceptions.h" #include "php_random.h" #if PHP_WIN32 From 3c8cac917b30df59929899f19895fa87aab2deb0 Mon Sep 17 00:00:00 2001 From: SammyK Date: Tue, 7 Jul 2015 13:59:54 -0500 Subject: [PATCH 2/3] Throw exeption when CSPRNG is used to generate empty strings --- ext/standard/random.c | 4 ++-- ext/standard/tests/random/random_bytes_error.phpt | 14 ++++++++++---- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/ext/standard/random.c b/ext/standard/random.c index 453c499b4ecae..8827c311c9fa2 100644 --- a/ext/standard/random.c +++ b/ext/standard/random.c @@ -133,8 +133,8 @@ PHP_FUNCTION(random_bytes) } if (size < 1) { - php_error_docref(NULL, E_WARNING, "Length must be greater than 0"); - RETURN_FALSE; + zend_throw_exception(NULL, "Length must be greater than 0", 0); + return; } bytes = zend_string_alloc(size, 0); diff --git a/ext/standard/tests/random/random_bytes_error.phpt b/ext/standard/tests/random/random_bytes_error.phpt index 466a3ac3bf759..d8e83f44b27f4 100644 --- a/ext/standard/tests/random/random_bytes_error.phpt +++ b/ext/standard/tests/random/random_bytes_error.phpt @@ -6,12 +6,18 @@ Test error operation of random_bytes() var_dump(random_bytes()); -var_dump(random_bytes(-1)); +$bytes = null; +try { + $bytes = random_bytes(0); +} catch (Exception $e) { + var_dump($e->getMessage()); +} +var_dump($bytes); ?> --EXPECTF-- + Warning: random_bytes() expects exactly 1 parameter, 0 given in %s on line %d NULL - -Warning: random_bytes(): Length must be greater than 0 in %s on line %d -bool(false) +string(29) "Length must be greater than 0" +NULL From 1dd73d593d32f67a0b557f4a23c79cf7b0ec1374 Mon Sep 17 00:00:00 2001 From: SammyK Date: Tue, 7 Jul 2015 14:13:16 -0500 Subject: [PATCH 3/3] Allow min and max to be samezies and throw exception if min is greater than max --- ext/standard/random.c | 10 +++++++--- ext/standard/tests/random/random_int.phpt | 3 +++ ext/standard/tests/random/random_int_error.phpt | 13 +++++++++---- 3 files changed, 19 insertions(+), 7 deletions(-) diff --git a/ext/standard/random.c b/ext/standard/random.c index 8827c311c9fa2..ab6371ee05c19 100644 --- a/ext/standard/random.c +++ b/ext/standard/random.c @@ -163,9 +163,13 @@ PHP_FUNCTION(random_int) return; } - if (min >= max) { - php_error_docref(NULL, E_WARNING, "Minimum value must be less than the maximum value"); - RETURN_FALSE; + if (min > max) { + zend_throw_exception(NULL, "Minimum value must be less than or equal to the maximum value", 0); + return; + } + + if (min == max) { + RETURN_LONG(min); } umax = max - min; diff --git a/ext/standard/tests/random/random_int.phpt b/ext/standard/tests/random/random_int.phpt index 0c3081452c5d8..836e62b6a2991 100644 --- a/ext/standard/tests/random/random_int.phpt +++ b/ext/standard/tests/random/random_int.phpt @@ -11,8 +11,11 @@ var_dump($x >= 10 && $x <= 100); var_dump(random_int(-1000, -1) < 0); +var_dump(random_int(42, 42)); + ?> --EXPECT-- bool(true) bool(true) bool(true) +int(42) diff --git a/ext/standard/tests/random/random_int_error.phpt b/ext/standard/tests/random/random_int_error.phpt index 5f7a69b21540a..23fb6fa29170c 100644 --- a/ext/standard/tests/random/random_int_error.phpt +++ b/ext/standard/tests/random/random_int_error.phpt @@ -8,7 +8,13 @@ var_dump(random_int()); var_dump(random_int(10)); -var_dump(random_int(10, 0)); +$randomInt = null; +try { + $randomInt = random_int(10, 0); +} catch (Exception $e) { + var_dump($e->getMessage()); +} +var_dump($randomInt); ?> --EXPECTF-- @@ -17,6 +23,5 @@ NULL Warning: random_int() expects exactly 2 parameters, 1 given in %s on line %d NULL - -Warning: random_int(): Minimum value must be less than the maximum value in %s on line %d -bool(false) +string(61) "Minimum value must be less than or equal to the maximum value" +NULL