PHP :: Bug #74175 :: php_random_bytes() failing with php built on system where SYS

Bug #74175	php_random_bytes() failing with php built on system where SYS_getrandom is defnd
Submitted:	2017-02-27 13:11 UTC	Modified:	2017-02-27 15:48 UTC
From:	lbarnaud@php.net	Assigned:
Status:	Duplicate	Package:	Unknown/Other Function
PHP Version:	7.1.2	OS:	Linux
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	lbarnaud@php.net
New email:
PHP Version:		OS:

New Comment:

[2017-02-27 13:11 UTC] lbarnaud@php.net

Description:
------------
- Built PHP on a system where the SYS_getrandom macro is defined
- Ran the executable on a Kernel that doesn't implement this syscall
- php_random_bytes() is unable to generate random bytes (always returns FAILURE)

I stumbled upon this issue by running a "php:7-alpine" Docker container (from https://hub.docker.com/_/php/) on a Debian 8 with a 3.16 kernel. The getrandom syscall is apparently implemented in linux 3.17.

The problem became visible when session_regenerate_id() failed with the following error:

    Failed to create new session ID: user (path: /sessions)

Which I traced to php_random_bytes() returning FAILURE.

Expected result:
----------------
php_random_bytes() could fallback to other methods, such as readon /dev/urandom, when the "getrandom" syscall is not implemented by the kernel.

Actual result:
--------------
php_random_bytes() calls syscall(SYS_getrandom, ...). This returns -1, with errno=38. php_random_bytes() returns FAILURE.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2017-02-27 13:14 UTC] lbarnaud@php.net

-Summary: php_random_bytes() failing with built on system where SYS_getrandom is defined +Summary: php_random_bytes() failing with php built on system where SYS_getrandom is defnd

[2017-02-27 15:48 UTC] requinix@php.net

-Status: Open +Status: Duplicate

[2017-02-27 15:48 UTC] requinix@php.net

Duplicate of bug #74105 which has been fixed in master.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Nov 21 18:01:29 2024 UTC