PHP :: Bug #68068 :: base64_encode should take byte streams and a length

Bug #68068	base64_encode should take byte streams and a length
Submitted:	2014-09-22 02:01 UTC	Modified:	2014-09-22 05:07 UTC
From:	wzis at hotmail dot com	Assigned:
Status:	Not a bug	Package:	hash related
PHP Version:	Irrelevant	OS:	UNIX/Linux
Private report:	No	CVE-ID:	None

View Developer Edit

[2014-09-22 02:01 UTC] wzis at hotmail dot com

Description:
------------
---
From manual page: http://www.php.net/function.base64-encode
---
base64_encode now only takes one str argument, that will make conversion of a byte stream with \0 in it fail, so can't convert arbitrary byte stream properly.

Test script:
---------------
$randv=shell_exec("dd if=/dev/urandom bs=1 count=6 2>/dev/null");
$salt="\$1\$".base64_encode($randv);

Expected result:
----------------
$salt="\$1\$".base64_encode($randv, 6);

Actual result:
--------------
depends on what we get from the /dev/urandom, the $salt could be shorter than 8 characters as it supposed to be.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2014-09-22 05:07 UTC] rasmus@php.net

-Status: Open +Status: Not a bug

[2014-09-22 05:07 UTC] rasmus@php.net

String lengths in PHP are not determined by a null character. You can easily test this for yourself. If they were, then this should print the same base64 encoded string twice:

echo base64_encode("abc\0def");
echo "\n";
echo base64_encode("abc");

It doesn't, of course.

[2014-09-22 12:22 UTC] wzis at hotmail dot com

Thanks. You are correct, my mistake: I assumed the PHP also uses null as the end of string, and didn't use strlen to check.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Fri Oct 31 16:00:01 2025 UTC