Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
bugfix: SimpleSAML\Utils\Crypto returns true for different strings us…
…ing PHP < 5.6. The reason was the lack of conversion to integer for each character of the strings before applying the XOR operator to them. The operator returns always an empty string when applied to two characters, and applying a binary-wise OR between 0 and an empty string, yields 0. Therefore, $diff is always 0, and the function returns true for every two strings with same length, regardless of their contents.
- Loading branch information