php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #55169 mcrypt_create_iv always fails to gather sufficient random data
Submitted: 2011-07-09 16:23 UTC Modified: 2011-07-23 06:21 UTC
From: nikic@php.net Assigned: pajoye (profile)
Status: Closed Package: mcrypt related
PHP Version: 5.4SVN-2011-07-09 (snap) OS: Windows 7
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: nikic@php.net
New email:
PHP Version: OS:

 

 [2011-07-09 16:23 UTC] nikic@php.net 
Description:
------------
When using the 5.4 snaps calling mcrypt_create_iv with either MCRYPT_DEV_RANDOM or MCRYPT_DEV_URANDOM as source always fails to gather sufficient random data regardless of the specified size.

(Could be related: http://svn.php.net/viewvc?view=revision&revision=312201 )

Test script:
---------------
<?php var_dump(mcrypt_create_iv(1, MCRYPT_DEV_URANDOM));

Expected result:
----------------
string 'm' (length=1)
[or similar]

Actual result:
--------------
Fatal error: mcrypt_create_iv() [<a href='function.mcrypt-create-iv'>function.mcrypt-create-iv</a>]: Could not gather sufficient random data in D:\htdocs\stack\quick.php on line 3

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-07-09 16:26 UTC] nikic@php.net 
Some further notes:

The code always fails, not just sometimes.
It fails regardless of the specified size.
It worked on PHP 5.3.1 (haven't tested later versions).
 [2011-07-10 10:36 UTC] pajoye@php.net 
Automatic comment from SVN on behalf of pajoye
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=313110
Log: - fix bug #55169, mcrypt_create_iv always fails to gather sufficient random data
 [2011-07-10 10:37 UTC] pajoye@php.net
-Status: Open +Status: Feedback
 [2011-07-10 10:37 UTC] pajoye@php.net 
I apply a fix to all branches (5.3 was possibly affected as well). Please try a 
snapshot with the revision id equal or higher to the commit referred here.
 [2011-07-10 11:09 UTC] nikic@php.net 
I just tried snaps for 312169 and 312203. The former still worked, but the latter was already broken:

D:\htdocs\stack>C:\php312169\php.exe -f quick.php
string(1) "ð"

D:\htdocs\stack>C:\php312203\php.exe -f quick.php

Fatal error: mcrypt_create_iv(): Could not gather sufficient random data in D:\h
tdocs\stack\quick.php on line 3
 [2011-07-10 11:12 UTC] nikic@php.net 
Just tried the snap for 312201, too, and it seems to work there too. Does that mean that either 312202 or 312203 broke it?

D:\htdocs\stack>C:\php312201\php.exe -f quick.php
string(1) "B"
 [2011-07-10 11:19 UTC] nikic@php.net 
Oi, I didn't see your comment, I'm sorry. I will try as soon as a binary is available ;)
 [2011-07-10 11:32 UTC] pajoye@php.net 
yes, 313110 or higher is what you have to test (see the commit in this report, the 
commits tab).
 [2011-07-10 14:32 UTC] nikic@php.net 
I'm still seeing the issue in 313114:

D:\htdocs\stack>C:\php313114\php.exe -f quick.php

Warning: mcrypt_create_iv(): Could not gather sufficient random data in D:\htdoc
s\stack\quick.php on line 3
bool(false)
 [2011-07-10 14:53 UTC] nikic@php.net 
I just tried using an nts instead of a ts build, and it worked there. So it's seems to be some thread safety related problem.
 [2011-07-10 16:58 UTC] pajoye@php.net 
I can't reproduce the problem, are you sure you used the right binaries?


c:\test\php540r313114>php -d extension_dir=ext -d extension=php_openssl.dll -r 
"var_dump(mcrypt_create_iv(1, MCRYPT_DEV_URANDOM));"
string(1) "☺"

and using NTS:

c:\test\php540ntsr313114>php -d extension_dir=ext -d extension=php_openssl.dll -
r "var_dump(mcrypt_create_iv(1, MCRYPT_DEV_URANDOM));"
string(1) "║"
 [2011-07-10 17:38 UTC] nikic@php.net
-Status: Feedback +Status: Closed -Assigned To: +Assigned To: nikic
 [2011-07-10 17:38 UTC] nikic@php.net 
Hm, seems like I indeed used some wrong binary. I have just downloaded 313114ts again and it worked :)

Thanks for the quick fix and sorry for the confusion ^^

Closing this then ;)
 [2011-07-10 17:41 UTC] nikic@php.net
-Assigned To: nikic +Assigned To: pajoye
 [2011-07-10 17:41 UTC] nikic@php.net 
Argh, I just can't handle this bugtracker :( Seems like it assignes the bug to me if I leave the "Assign to" field empty.
 [2011-07-11 11:06 UTC] aharvey@php.net
-Status: Closed +Status: Bogus -Assigned To: pajoye +Assigned To:
 [2011-07-11 11:08 UTC] nikic@php.net 
Why is this Bogus now?
 [2011-07-11 12:41 UTC] pajoye@php.net
-Status: Bogus +Status: Open
 [2011-07-11 12:41 UTC] pajoye@php.net 
No idea, who made that change?
 [2011-07-11 12:50 UTC] aharvey@php.net 
I did. Sorry, misread the bug. The lesson is that I need to do one thing at once, 
rather than ten. :)
 [2011-07-11 14:20 UTC] nikic@php.net
-Status: Open +Status: Closed
 [2011-07-11 14:20 UTC] nikic@php.net 
Okay, closing it again then ;)
 [2011-07-11 14:23 UTC] pajoye@php.net
-Status: Closed +Status: Assigned -Assigned To: +Assigned To: pajoye
 [2011-07-11 14:23 UTC] pajoye@php.net 
just assigning it to me, needs some more testing under apache and IIS, Seldaek is 
still having this problem
 [2011-07-12 07:46 UTC] pajoye@php.net 
Automatic comment from SVN on behalf of pajoye
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=313175
Log: - Bug #55169, improve fix, allow non interactive user, hash-like ops only usage
 [2011-07-18 13:10 UTC] pajoye@php.net 
Quick update, issue fixed in svn (5.3+), keep it open until Ryan applies the new 
tests.
 [2011-07-20 14:59 UTC] yaauie@php.net 
Automatic comment from SVN on behalf of yaauie
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=313485
Log: tests for bug #55169 (mcrypt and openssl)
 [2011-07-20 16:57 UTC] yaauie@php.net 
Automatic comment from SVN on behalf of yaauie
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=313487
Log: update test for bug #55169, don't require the extension in INI
 [2011-07-20 17:12 UTC] yaauie@php.net 
Automatic comment from SVN on behalf of yaauie
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=313488
Log: update test for bug #55169, fix skipif
 [2011-07-20 17:25 UTC] yaauie@php.net 
Automatic comment from SVN on behalf of yaauie
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=313489
Log: removing openssl test for bug #55169 per Scott MacVicar's request; duplicate coverage of opensssl_random_pseudo_bytes.phpt
 [2011-07-23 06:21 UTC] pajoye@php.net
-Status: Assigned +Status: Closed
 [2011-07-23 06:21 UTC] pajoye@php.net 
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.
 [2012-04-18 09:49 UTC] laruence@php.net 
Automatic comment on behalf of pajoye
Revision: http://git.php.net/?p=php-src.git;a=commit;h=04432e7dd85d774a3eac6f3effca9f4e7cfb42d6
Log: - fix bug #55169, mcrypt_create_iv always fails to gather sufficient random data
 [2012-07-24 23:41 UTC] rasmus@php.net 
Automatic comment on behalf of pajoye
Revision: http://git.php.net/?p=php-src.git;a=commit;h=04432e7dd85d774a3eac6f3effca9f4e7cfb42d6
Log: - fix bug #55169, mcrypt_create_iv always fails to gather sufficient random data
 [2013-11-17 09:37 UTC] laruence@php.net 
Automatic comment on behalf of pajoye
Revision: http://git.php.net/?p=php-src.git;a=commit;h=04432e7dd85d774a3eac6f3effca9f4e7cfb42d6
Log: - fix bug #55169, mcrypt_create_iv always fails to gather sufficient random data
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri Apr 19 05:01:29 2024 UTC