php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Doc Bug #68930 Completely wrong example in comments
Submitted: 2015-01-28 10:21 UTC Modified: 2015-01-29 02:10 UTC
From: vlajos at gmail dot com Assigned:
Status: Not a bug Package: Documentation problem
PHP Version: Irrelevant OS: any
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: vlajos at gmail dot com
New email:
PHP Version: OS:

 

 [2015-01-28 10:21 UTC] vlajos at gmail dot com
Description:
------------
---
From manual page: http://www.php.net/ref.mcrypt
---

This comment has several issues:
http://php.net/manual/en/ref.mcrypt.php#99263

1.
This code snippet can strip the trailing characters when decrypting if
they match with the padding character.
It shouldn't strip more characters when decrypting than
ord(substr($dec, strlen($dec)-1,1))
Because otherwise it removes the additional characters from the original
string. (If they match accidentally.)

2.
The IV is completely useless here:
The IV is ignored in ECB mode as this mode does not require it. You will
need to have the same IV (think: starting point) both at encryption and
decryption stages, otherwise your encryption will fail.

The first point can lead corruptions, so I suggest to remove this comment. (I send an email already to the original author a few days ago.)


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-01-29 02:10 UTC] mazzanet@php.net
-Status: Open +Status: Not a bug
 [2015-01-29 02:10 UTC] mazzanet@php.net
Not a bug.
 
User notes have vote up and vote down buttons which you can use to show other users of a note's value. You could also write your own note explaining these issues for other user's reference.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Mar 28 19:01:29 2024 UTC