|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #73810 hex2bin should return false or throw an exception instead of an E_WARNING
Submitted: 2016-12-24 15:05 UTC Modified: 2016-12-27 13:55 UTC
Avg. Score:4.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: francesco dot montanari at outlook dot com Assigned:
Status: Open Package: Strings related
PHP Version: 7.1.0 OS: All
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: francesco dot montanari at outlook dot com
New email:
PHP Version: OS:


 [2016-12-24 15:05 UTC] francesco dot montanari at outlook dot com
I agree with this thread:
"a function that is supposed to deal with external inputs is better if it returns FALSE without error"

Now we have to do something like this:

$binaryUuid = @hex2bin(str_replace('-', '', $_GET['uuid']));
if($binaryUuid === false) {
    // Show an "Invalid UUID" error

but using the "@" operator is considered bad practice, and validate the input BEFORE passing it to hex2bin is out of discussion because it will slow down the app for nothing (for example I receive 10 million valid uuid per day, and only about a hundred invalid ones).

Returning false, or throwing a catchable exception would be a better behaviour


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2016-12-25 23:45 UTC]
Exceptions are preferred, but exception adoption should be done with consistency. i.e. All standard module features should adopt exception at least.

For the time being, use ErrorException with your error handler.

i.e. Throw ErrorException from your error handler to convert errors to exceptions.
 [2016-12-27 13:55 UTC]
-Package: Unknown/Other Function +Package: Strings related
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Tue Jun 15 01:01:24 2021 UTC