php.net
|
support
|
documentation
|
report a bug
|
advanced search
|
search howto
|
statistics
|
random bug
|
login
go to bug id or search bugs for
Showing 1-30 of 55
Show Next 30 Entries »
Bugs for *Encryption and hash functions
ID#
Date
Last Modified
Type
Status
PHP Version
OS
Summary
Assigned
81744
(edit)
2023-01-05 12:52 UTC
2023-02-13 04:40 UTC
Sec Bug
Closed
8.2.0
Password_verify() always return true with some hash
stas
76794
(edit)
2018-08-25 19:20 UTC
2021-05-31 13:45 UTC
Doc
Closed
Irrelevant
Incorrect use of "$keypair" in LibSodium signing functions
cmb
68109
(edit)
2014-09-26 19:47 UTC
2020-10-31 15:48 UTC
Req
Closed
Irrelevant
NA
Add MurmurHash V3
ab
62488
(edit)
2012-07-06 03:06 UTC
2020-09-18 09:18 UTC
Bug
Closed
5.3.14
Fedora 16 (3.3.4-1.fc16.x86_64)
Invalid bcrypt hash
cmb
53743
(edit)
2011-01-14 02:59 UTC
2020-06-24 12:19 UTC
Bug
Closed
5.3.5
Crypt() returns inconsistant results on numeric strings
nikic
64449
(edit)
2013-03-18 22:25 UTC
2020-06-24 12:07 UTC
Sec Bug
Closed
5.4.13
Linux
crypt doesn't fail on "$" in CRYPT_DES salt
nikic
61852
(edit)
2012-04-25 20:27 UTC
2020-06-24 12:04 UTC
Bug
Closed
5.3.10
CentOS 5
crypt() function incorrectly falls back to CRYPT_STD_DES
nikic
55717
(edit)
2011-09-17 18:15 UTC
2020-04-01 12:17 UTC
Bug
Closed
5.3.8
FreeBSD 7.2
Crypt returns "*0" instead of hashed string.
cmb
75224
(edit)
2017-09-18 13:46 UTC
2019-09-09 16:46 UTC
Req
Closed
Next Minor Version
Win8.1 x64
Allow for argon2id in password_hash
cmb
78510
(edit)
2019-09-07 17:29 UTC
2019-09-09 13:36 UTC
Sec Bug
Closed
7.3.9
Any
Partially uninitialized buffer returned by sodium_crypto_generichash_init()
cmb
78269
(edit)
2019-07-10 09:15 UTC
2019-07-10 16:15 UTC
Sec Bug
Closed
7.2.20
irrevelant
password_hash uses weak options for argon2
78208
(edit)
2019-06-25 16:11 UTC
2019-06-25 18:15 UTC
Bug
Closed
7.4.0alpha1
password_needs_rehash() returns false for password hashed with a different algo
pollita
77646
(edit)
2019-02-21 13:15 UTC
2019-02-21 15:24 UTC
Bug
Closed
7.3.2
Linux
sodium_crypto_sign_detached() does not zero-terminate signature
jedisct1
76291
(edit)
2018-05-02 01:27 UTC
2018-11-09 11:43 UTC
Bug
Closed
7.2.5
MacOSX 10.11
Sodium Base64 no padding variants throw an excepting when decoding
cmb
54667
(edit)
2011-05-05 15:59 UTC
2018-09-14 16:58 UTC
Req
Closed
Irrelevant
$offset parameter for md5_file() and sha1_file()
cmb
76655
(edit)
2018-07-23 07:44 UTC
2018-07-23 10:41 UTC
Doc
Closed
7.2.8
Linux / Windows
libsodium seems not present, "no installation needed" not true
cmb
76290
(edit)
2018-04-30 15:45 UTC
2018-04-30 18:22 UTC
Doc
Closed
7.2.5
N/A
Wrong info in argon2i memory_cost
cmb
74961
(edit)
2017-07-21 09:10 UTC
2018-02-24 15:55 UTC
Bug
Closed
7.2.0beta1
"Disallow non-crypto hashes in HMAC and PBKDF2" implemented poorly
cmb
75572
(edit)
2017-11-26 08:26 UTC
2017-11-29 13:36 UTC
Req
Closed
7.2.0RC6
sodium_crypto_pwhash_str() allow opslimit of 1
jedisct1
75409
(edit)
2017-10-20 09:44 UTC
2017-11-03 19:03 UTC
Bug
Closed
7.1.10
Linux
accept EFAULT in addition to ENOSYS as indicator that getrandom() is missing
sarciszewski
75221
(edit)
2017-09-18 09:40 UTC
2017-10-12 10:58 UTC
Bug
Closed
7.2.0RC2
Win8.1 x64
Argon2i always throws NUL at the end
cmb
75266
(edit)
2017-09-27 09:41 UTC
2017-09-27 15:21 UTC
Doc
Closed
7.2.0RC2
Win8.1 x64
hash_algos doesnt work properly for listing HMAC algos
cmb
74826
(edit)
2017-06-29 02:18 UTC
2017-07-11 07:06 UTC
Bug
Closed
7.2.0alpha2
Windows 10
libsodium does not appear to be present
requinix
66366
(edit)
2013-12-29 04:11 UTC
2017-03-13 10:23 UTC
Doc
Closed
Irrelevant
Undocumented breaking change, when upgrading from php 5.3
narf
64537
(edit)
2013-03-28 11:53 UTC
2017-01-16 14:41 UTC
Doc
Closed
5.5.0beta1
Linux x86_64
Key is truncated for password_hash/crypt
ircmaxell
70744
(edit)
2015-10-19 22:04 UTC
2015-10-26 21:06 UTC
Req
Closed
7.0.0RC5
All except Windows
random_bytes() should not use libc arc4random
leigh
55036
(edit)
2011-06-11 21:00 UTC
2015-05-24 06:12 UTC
Req
Closed
Irrelevant
Have crypt() throw E_WARNING when salt parameter missing
yohgaki
51436
(edit)
2010-03-30 12:38 UTC
2015-04-05 05:16 UTC
Bug
Closed
5.3.2
all
LCG entropy fix insufficient, uniqid leaks entropy, leads to weak session IDs
pajoye
62924
(edit)
2012-08-24 14:15 UTC
2015-01-11 17:53 UTC
Req
Closed
Irrelevant
Any
Add Curve25519 support to PHP
danack
49954
(edit)
2009-10-22 11:51 UTC
2011-09-13 12:21 UTC
Bug
Closed
5.3.0
win32 only - Win XP 64-bit
Crypt() does not work for string < 4 character
pajoye
Showing 1-30 of 55
Show Next 30 Entries »
Copyright © 2001-2025 The PHP Group
All rights reserved.
Last updated: Fri Jun 20 20:01:33 2025 UTC