php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #52924 resource type set to empty after bad mcrypt_generic_init call
Submitted: 2010-09-25 21:51 UTC Modified: 2011-05-31 11:59 UTC
From: terrafrost@php.net Assigned: derick (profile)
Status: Not a bug Package: mcrypt related
PHP Version: 5.3.3 OS: Windows 7
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: terrafrost@php.net
New email:
PHP Version: OS:

 

 [2010-09-25 21:51 UTC] terrafrost@php.net
Description:
------------
Calling mcrypt_generic_init() with bad values changes the resource type from mcrypt to Unknown.  It seems like what should happen is that the resource type should remain the same and that mcrypt_generic_init should simply do nothing.  Maybe output a warning (as it currently does) but not change the resource type.

A bad call to curl_setopt(), for example, doesn't change the resource type from curl to Unknown as demonstrated thusly:

<?php
$curl = curl_init();
@curl_setopt($curl);
var_dump($curl);
?>

Per that it doesn't seem like a bad call to mcrypt_generic_init() ought to change anything either.

Test script:
---------------
<?php
$mcrypt = @mcrypt_module_open(MCRYPT_DES, '', MCRYPT_MODE_ECB, '');
@mcrypt_generic_init($mcrypt, '', '');
var_dump($mcrypt);
?>

Expected result:
----------------
resource(4) of type (mcrypt)

Actual result:
--------------
resource(4) of type (Unknown)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-09-27 23:54 UTC] felipe@php.net
-Status: Open +Status: Assigned -Assigned To: +Assigned To: derick
 [2010-09-27 23:54 UTC] felipe@php.net
According to the code, this is required to prevent possible crash.

See:
	result = mcrypt_generic_init(pm->td, key_s, key_size, iv_s);

	/* If this function fails, close the mcrypt module to prevent crashes
	 * when further functions want to access this resource */
	if (result < 0) {
		zend_list_delete(Z_LVAL_P(mcryptind));
 [2011-05-31 11:59 UTC] iliaa@php.net
-Status: Assigned +Status: Bogus
 [2011-05-31 11:59 UTC] iliaa@php.net
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 21 12:01:31 2024 UTC