php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #70742 random_bytes() fails when the SYSTEMROOT env var is empty
Submitted: 2015-10-19 14:56 UTC Modified: 2015-10-20 14:51 UTC
From: nicolas dot grekas+php at gmail dot com Assigned:
Status: Not a bug Package: mcrypt related
PHP Version: 7.0.0RC5 OS: Windows
Private report: No CVE-ID: None
View Developer Edit
 [2015-10-19 14:56 UTC] nicolas dot grekas+php at gmail dot com 
Description:
------------
On Windows, both random_bytes and mcrypt_create_iv fail when the SYSTEMROOT env var is not set.

Test script:
---------------
<?php

putenv('SYSTEMROOT=');

echo strlen(random_bytes(1));

Expected result:
----------------
1

Actual result:
--------------
PHP Warning:  mcrypt_create_iv(): Could not gather sufficient random data

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-10-20 11:16 UTC] ab@php.net
-Status: Open +Status: Not a bug
 [2015-10-20 11:16 UTC] ab@php.net 
Thanks for the report. Why would you want to manipulate this env variable? Doing so, you'll probably break not only this but many other things.

In this particular case, since the default crypto service provider is used, the corresponding DLL will fail to load. Consequently CryptAcquireContext() will fail. This is expected behavior.

Thanks.
 [2015-10-20 13:09 UTC] nicolas dot grekas+php at gmail dot com 
"Not a bug" is fine by me, I mostly wanted to get feedback on this behaviour and document it somewhere.
This can happen more frequently by using proc_open(): when one sets the $env argument, it's easy to miss some important vars there.
 [2015-10-20 14:51 UTC] ab@php.net 
OK, I didn't think about it from this POV, but yes -proc_open() actually doesn't merge env. Btw. it'll be much easier in 7.1, getenv() without arguments will deliver the whole env vars (Ferenc already merged it).

Thanks.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sun Oct 26 09:00:01 2025 UTC