|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #47654 Warning about empty IV in ECB mode
Submitted: 2009-03-13 21:28 UTC Modified: 2009-05-08 01:00 UTC
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: saurabh0 at gmail dot com Assigned:
Status: No Feedback Package: mcrypt related
PHP Version: 5.2.9 OS: *
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: saurabh0 at gmail dot com
New email:
PHP Version: OS:


 [2009-03-13 21:28 UTC] saurabh0 at gmail dot com
In ECB mode iv is ignored so there should not be any warning when passing and empty iv string. This was also reported earlier in bugs #43143 and #46010 which were supposedly fixed.

Reproduce code:
$td = mcrypt_module_open('tripledes', '', 'ecb', '');
mcrypt_generic_init($td, 'mysecretkey', '');

Expected result:
No warning. In fact a 'Notice' when a non-empty iv is given in ECB mode mentioning that it will be ignored would be better.

Actual result:
Warning: mcrypt_generic_init() [function.mcrypt-generic-init]: Iv size incorrect; supplied length: 0, needed: 8


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2009-04-30 09:03 UTC]
Please try using this CVS snapshot:
For Windows:

 [2009-05-08 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Mon Sep 21 14:01:25 2020 UTC