php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #47654 Warning about empty IV in ECB mode
Submitted: 2009-03-13 21:28 UTC Modified: 2009-05-08 01:00 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: saurabh0 at gmail dot com Assigned:
Status: No Feedback Package: mcrypt related
PHP Version: 5.2.9 OS: *
Private report: No CVE-ID: None
View Developer Edit
 [2009-03-13 21:28 UTC] saurabh0 at gmail dot com 
Description:
------------
In ECB mode iv is ignored so there should not be any warning when passing and empty iv string. This was also reported earlier in bugs #43143 and #46010 which were supposedly fixed.




Reproduce code:
---------------
$td = mcrypt_module_open('tripledes', '', 'ecb', '');
mcrypt_generic_init($td, 'mysecretkey', '');

Expected result:
----------------
No warning. In fact a 'Notice' when a non-empty iv is given in ECB mode mentioning that it will be ignored would be better.

Actual result:
--------------
Warning: mcrypt_generic_init() [function.mcrypt-generic-init]: Iv size incorrect; supplied length: 0, needed: 8

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-04-30 09:03 UTC] jani@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php5.2-latest.tar.gz
 
For Windows:

  http://windows.php.net/snapshots/
 [2009-05-08 01:00 UTC] php-bugs at lists dot php dot net 
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Fri Nov 07 08:00:02 2025 UTC