diff options
| -rw-r--r-- | NEWS | 4 | ||||
| -rw-r--r-- | ext/mcrypt/mcrypt.c | 4 | ||||
| -rw-r--r-- | ext/mcrypt/tests/bug70625.phpt | 17 |
3 files changed, 25 insertions, 0 deletions
@@ -5,6 +5,10 @@ PHP NEWS - Date: . Fixed bug #70619 (DateTimeImmutable segfault). (Laruence) +- Mcrypt: + . Fixed bug #70625 (mcrypt_encrypt() won't return data when no IV was + specified under RC4). (Nikita) + - Mysqlnd: . Fixed bug #70384 (mysqli_real_query():Unknown type 245 sent by the server). (Andrey) diff --git a/ext/mcrypt/mcrypt.c b/ext/mcrypt/mcrypt.c index 5b341123bb..624e2ce786 100644 --- a/ext/mcrypt/mcrypt.c +++ b/ext/mcrypt/mcrypt.c @@ -1237,6 +1237,10 @@ static int php_mcrypt_ensure_valid_iv(MCRYPT td, const char *iv, int iv_size TSR { if (mcrypt_enc_mode_has_iv(td) == 1) { int expected_iv_size = mcrypt_enc_get_iv_size(td); + if (expected_iv_size == 0) { + /* Algorithm does not use IV, even though mode supports it */ + return SUCCESS; + } if (!iv) { php_error_docref(NULL TSRMLS_CC, E_WARNING, diff --git a/ext/mcrypt/tests/bug70625.phpt b/ext/mcrypt/tests/bug70625.phpt new file mode 100644 index 0000000000..e9c0de0be3 --- /dev/null +++ b/ext/mcrypt/tests/bug70625.phpt @@ -0,0 +1,17 @@ +--TEST-- +Bug #70625: mcrypt_encrypt() : won't return data when no IV was specified under RC4 +--SKIPIF-- +<?php if (!extension_loaded("mcrypt")) print "skip"; ?> +--FILE-- +<?php + +$key = 'secretkey'; +$ciphertext = mcrypt_encrypt(MCRYPT_ARCFOUR, $key, 'payload', MCRYPT_MODE_STREAM); +var_dump(bin2hex($ciphertext)); +$plaintext = mcrypt_decrypt(MCRYPT_ARCFOUR, $key, $ciphertext, MCRYPT_MODE_STREAM); +var_dump($plaintext); + +?> +--EXPECT-- +string(14) "d5c9a57023d0f1" +string(7) "payload" |