php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #44714 Mcrypt decrypt output bug in Firefox
Submitted: 2008-04-14 07:12 UTC Modified: 2008-04-14 16:32 UTC
From: isedc at yahoo dot com Assigned:
Status: Not a bug Package: mcrypt related
PHP Version: 5.2.5 OS: Windows Vista
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: isedc at yahoo dot com
New email:
PHP Version: OS:

 

 [2008-04-14 07:12 UTC] isedc at yahoo dot com 
Description:
------------
Following an MCRYPT example on php.net, when decrypting a string that is less than 8 characters, will output in firefox and appended with ? marks to fill the other characters.

Example: ecrypted string is 4 characters long (abcd), when decrypting the string and outputting to firefox displays: abcd????

This was tested with Firefox 2.0.13.  This does not appear to affect Internet Explorer 7.

Reproduce code:
---------------
$key = "d9Qg%R*";
$text = "abcd";
	
$iv_size = mcrypt_get_iv_size(MCRYPT_XTEA, MCRYPT_MODE_ECB);	
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);	
$enc = mcrypt_encrypt(MCRYPT_XTEA, $key, $text, MCRYPT_MODE_ECB, $iv);
	
$crypttext = mcrypt_decrypt(MCRYPT_XTEA, $key, $enc, MCRYPT_MODE_ECB, $iv);
echo $crypttext;

Expected result:
----------------
echo output should be: abcd

Actual result:
--------------
echo output is actually: abcd????

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-04-14 16:32 UTC] derick@php.net 
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

XTEA is a block algorithm, so it only encrypts/decrypts in blocks. It will therefore pad the string with \\0 bytes up until the block size. Those you see as ? when outputting the decrypted result.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sat Dec 21 14:01:32 2024 UTC