php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #47445 Inconsistent results
Submitted: 2009-02-19 01:44 UTC Modified: 2009-02-22 18:22 UTC
Votes:2
Avg. Score:4.0 ± 0.0
Reproduced:2 of 2 (100.0%)
Same Version:2 (100.0%)
Same OS:2 (100.0%)
From: niall dot ocallaghan at gmail dot com Assigned:
Status: Not a bug Package: mcrypt related
PHP Version: 5.2CVS-2009-02-19 (snap) OS: Windows Vista Ultimate SP1
Private report: No CVE-ID: None
 [2009-02-19 01:44 UTC] niall dot ocallaghan at gmail dot com
Description:
------------
When attempting to encrypt a JSON encoded string using a secret key, I get inconsistent results depending on the data and the key I used. I have managed to recreate this and believe it is an issue with the mcrypt module.  

The JSON string is 303 characters in length, and simply by changing on character from a 6 to a 7, it fixes the problem. I have included a URL for reproducing this error

Reproduce code:
---------------
http://78.137.160.50/fcl/bug.txt

Please note in the above code I have given two example strings. The first does not work (and is a reproduction of this bug), the second does. They are identical strings except for the character at position 297. I changed the 6 to a 7 and it fixes the problem

Expected result:
----------------
I expect to see a decrypted value of the string.

Actual result:
--------------
I see 99% of the string has been decrypted however the last few characters are corrupt.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-02-21 11:12 UTC] felipe@php.net
I can reproduce it on Linux.

{"fg_class_name":"Match","fg_client_api":"d26ec6a426b128c7001a7292a2ad1c0929cd64d7","fg_client_id":1,"fg_direction":"desc","fg_extras":{"GameWeekId":"1"},"fg_method_name":"getMatches","fg_page":1,"fg_request_time":"0.25800200 1235003390","fg_sort":2,"fg_hash":"4e5746e21919d087c69642898b5e46452ce�."P�-
 [2009-02-22 18:22 UTC] derick@php.net
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

You are cutting off data while decrypting in same cases because you trip and chop data in:

$input = trim(chop(base64_decode($input)));

This could remove bytes that the decryption requires.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 14 22:01:27 2024 UTC