PHP :: Bug #55169 :: mcrypt_create_iv always fails to gather sufficient random data

Bug #55169	mcrypt_create_iv always fails to gather sufficient random data
Submitted:	2011-07-09 16:23 UTC	Modified:	2011-07-23 06:21 UTC
From:	nikic@php.net	Assigned:	pajoye (profile)
Status:	Closed	Package:	mcrypt related
PHP Version:	5.4SVN-2011-07-09 (snap)	OS:	Windows 7
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	nikic@php.net
New email:
PHP Version:		OS:

New Comment:

[2011-07-09 16:23 UTC] nikic@php.net

Description:
------------
When using the 5.4 snaps calling mcrypt_create_iv with either MCRYPT_DEV_RANDOM or MCRYPT_DEV_URANDOM as source always fails to gather sufficient random data regardless of the specified size.

(Could be related: http://svn.php.net/viewvc?view=revision&revision=312201 )

Test script:
---------------
<?php var_dump(mcrypt_create_iv(1, MCRYPT_DEV_URANDOM));

Expected result:
----------------
string 'm' (length=1)
[or similar]

Actual result:
--------------
Fatal error: mcrypt_create_iv() [<a href='function.mcrypt-create-iv'>function.mcrypt-create-iv</a>]: Could not gather sufficient random data in D:\htdocs\stack\quick.php on line 3

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2011-07-09 16:26 UTC] nikic@php.net

Some further notes:

The code always fails, not just sometimes.
It fails regardless of the specified size.
It worked on PHP 5.3.1 (haven't tested later versions).

[2011-07-10 10:36 UTC] pajoye@php.net

Automatic comment from SVN on behalf of pajoye
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=313110
Log: - fix bug #55169, mcrypt_create_iv always fails to gather sufficient random data

[2011-07-10 10:37 UTC] pajoye@php.net

-Status: Open +Status: Feedback

[2011-07-10 10:37 UTC] pajoye@php.net

I apply a fix to all branches (5.3 was possibly affected as well). Please try a 
snapshot with the revision id equal or higher to the commit referred here.

[2011-07-10 11:09 UTC] nikic@php.net

I just tried snaps for 312169 and 312203. The former still worked, but the latter was already broken:

D:\htdocs\stack>C:\php312169\php.exe -f quick.php
string(1) "ð"

D:\htdocs\stack>C:\php312203\php.exe -f quick.php

Fatal error: mcrypt_create_iv(): Could not gather sufficient random data in D:\h
tdocs\stack\quick.php on line 3

[2011-07-10 11:12 UTC] nikic@php.net

Just tried the snap for 312201, too, and it seems to work there too. Does that mean that either 312202 or 312203 broke it?

D:\htdocs\stack>C:\php312201\php.exe -f quick.php
string(1) "B"

[2011-07-10 11:19 UTC] nikic@php.net

Oi, I didn't see your comment, I'm sorry. I will try as soon as a binary is available ;)

[2011-07-10 11:32 UTC] pajoye@php.net

yes, 313110 or higher is what you have to test (see the commit in this report, the 
commits tab).

[2011-07-10 14:32 UTC] nikic@php.net

I'm still seeing the issue in 313114:

D:\htdocs\stack>C:\php313114\php.exe -f quick.php

Warning: mcrypt_create_iv(): Could not gather sufficient random data in D:\htdoc
s\stack\quick.php on line 3
bool(false)

[2011-07-10 14:53 UTC] nikic@php.net

I just tried using an nts instead of a ts build, and it worked there. So it's seems to be some thread safety related problem.

[2011-07-10 16:58 UTC] pajoye@php.net

I can't reproduce the problem, are you sure you used the right binaries?


c:\test\php540r313114>php -d extension_dir=ext -d extension=php_openssl.dll -r 
"var_dump(mcrypt_create_iv(1, MCRYPT_DEV_URANDOM));"
string(1) "☺"

and using NTS:

c:\test\php540ntsr313114>php -d extension_dir=ext -d extension=php_openssl.dll -
r "var_dump(mcrypt_create_iv(1, MCRYPT_DEV_URANDOM));"
string(1) "║"

[2011-07-10 17:38 UTC] nikic@php.net

-Status: Feedback +Status: Closed -Assigned To: +Assigned To: nikic

[2011-07-10 17:38 UTC] nikic@php.net

Hm, seems like I indeed used some wrong binary. I have just downloaded 313114ts again and it worked :)

Thanks for the quick fix and sorry for the confusion ^^

Closing this then ;)

[2011-07-10 17:41 UTC] nikic@php.net

-Assigned To: nikic +Assigned To: pajoye

[2011-07-10 17:41 UTC] nikic@php.net

Argh, I just can't handle this bugtracker :( Seems like it assignes the bug to me if I leave the "Assign to" field empty.

[2011-07-11 11:06 UTC] aharvey@php.net

-Status: Closed +Status: Bogus -Assigned To: pajoye +Assigned To:

[2011-07-11 11:08 UTC] nikic@php.net

Why is this Bogus now?

[2011-07-11 12:41 UTC] pajoye@php.net

-Status: Bogus +Status: Open

[2011-07-11 12:41 UTC] pajoye@php.net

No idea, who made that change?

[2011-07-11 12:50 UTC] aharvey@php.net

I did. Sorry, misread the bug. The lesson is that I need to do one thing at once, 
rather than ten. :)

[2011-07-11 14:20 UTC] nikic@php.net

-Status: Open +Status: Closed

[2011-07-11 14:20 UTC] nikic@php.net

Okay, closing it again then ;)

[2011-07-11 14:23 UTC] pajoye@php.net

-Status: Closed +Status: Assigned -Assigned To: +Assigned To: pajoye

[2011-07-11 14:23 UTC] pajoye@php.net

just assigning it to me, needs some more testing under apache and IIS, Seldaek is 
still having this problem

[2011-07-12 07:46 UTC] pajoye@php.net

Automatic comment from SVN on behalf of pajoye
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=313175
Log: - Bug #55169, improve fix, allow non interactive user, hash-like ops only usage

[2011-07-18 13:10 UTC] pajoye@php.net

Quick update, issue fixed in svn (5.3+), keep it open until Ryan applies the new 
tests.

[2011-07-20 14:59 UTC] yaauie@php.net

Automatic comment from SVN on behalf of yaauie
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=313485
Log: tests for bug #55169 (mcrypt and openssl)

[2011-07-20 16:57 UTC] yaauie@php.net

Automatic comment from SVN on behalf of yaauie
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=313487
Log: update test for bug #55169, don't require the extension in INI

[2011-07-20 17:12 UTC] yaauie@php.net

Automatic comment from SVN on behalf of yaauie
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=313488
Log: update test for bug #55169, fix skipif

[2011-07-20 17:25 UTC] yaauie@php.net

Automatic comment from SVN on behalf of yaauie
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=313489
Log: removing openssl test for bug #55169 per Scott MacVicar's request; duplicate coverage of opensssl_random_pseudo_bytes.phpt

[2011-07-23 06:21 UTC] pajoye@php.net

-Status: Assigned +Status: Closed

[2011-07-23 06:21 UTC] pajoye@php.net

This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.

[2012-04-18 09:49 UTC] laruence@php.net

Automatic comment on behalf of pajoye
Revision: http://git.php.net/?p=php-src.git;a=commit;h=04432e7dd85d774a3eac6f3effca9f4e7cfb42d6
Log: - fix bug #55169, mcrypt_create_iv always fails to gather sufficient random data

[2012-07-24 23:41 UTC] rasmus@php.net

Automatic comment on behalf of pajoye
Revision: http://git.php.net/?p=php-src.git;a=commit;h=04432e7dd85d774a3eac6f3effca9f4e7cfb42d6
Log: - fix bug #55169, mcrypt_create_iv always fails to gather sufficient random data

[2013-11-17 09:37 UTC] laruence@php.net

Automatic comment on behalf of pajoye
Revision: http://git.php.net/?p=php-src.git;a=commit;h=04432e7dd85d774a3eac6f3effca9f4e7cfb42d6
Log: - fix bug #55169, mcrypt_create_iv always fails to gather sufficient random data

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Thu Jan 30 07:01:31 2025 UTC