authorAndrey Andreev <narf@devilix.net>2016-02-04 13:43:46 +0100
committerAndrey Andreev <narf@devilix.net>2016-02-04 13:43:46 +0100
commitec9e96eb09caa9d024c89a8bdb1b00bf6540278a (patch)
treeb3ca014b3d5f98c7f19e65b3fee546ba02af81c7
parente8bcc9eeb4ccbbea78442275c646de21aaaa6594 (diff)
Fix #4427
-rw-r--r--system/helpers/captcha_helper.php45
-rw-r--r--user_guide_src/source/changelog.rst1
2 files changed, 24 insertions, 22 deletions
diff --git a/system/helpers/captcha_helper.php b/system/helpers/captcha_helper.php
index fd1b8f1ed..3c1e006f8 100644
--- a/system/helpers/captcha_helper.php
+++ b/system/helpers/captcha_helper.php
@@ -171,35 +171,36 @@ if ( ! function_exists('create_captcha'))
$byte_index = $word_index = 0;
while ($word_index < $word_length)
{
- list(, $rand_index) = unpack('C', $bytes[$byte_index++]);
- if ($rand_index > $rand_max)
+ // Do we have more random data to use?
+ // It could be exhausted by previous iterations
+ // ignoring bytes higher than $rand_max.
+ if ($byte_index === $pool_length)
{
- // Was this the last byte we have?
- // If so, try to fetch more.
- if ($byte_index === $pool_length)
+ // No failures should be possible if the
+ // first get_random_bytes() call didn't
+ // return FALSE, but still ...
+ for ($i = 0; $i < 5; $i++)
{
- // No failures should be possible if
- // the first get_random_bytes() call
- // didn't return FALSE, but still ...
- for ($i = 0; $i < 5; $i++)
+ if (($bytes = $security->get_random_bytes($pool_length)) === FALSE)
{
- if (($bytes = $security->get_random_bytes($pool_length)) === FALSE)
- {
- continue;
- }
-
- $byte_index = 0;
- break;
+ continue;
}
- if ($bytes === FALSE)
- {
- // Sadly, this means fallback to mt_rand()
- $word = '';
- break;
- }
+ $byte_index = 0;
+ break;
+ }
+
+ if ($bytes === FALSE)
+ {
+ // Sadly, this means fallback to mt_rand()
+ $word = '';
+ break;
}
+ }
+ list(, $rand_index) = unpack('C', $bytes[$byte_index++]);
+ if ($rand_index > $rand_max)
+ {
continue;
}
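Review bot: The `if ($bytes === FALSE)` branch after the retry loop empties `$word` and breaks out without leaving any trace, so a host whose random source starts failing would quietly serve CAPTCHA words from the mt_rand() fallback named in the comment, which is not a cryptographic generator. I would record that downgrade just before `$word = '';`, for example with `log_message('error', 'create_captcha(): get_random_bytes() failed, falling back to mt_rand()');`, so operators can detect it. Separately, each refill requests only `$pool_length` bytes while every byte above `$rand_max` is discarded, so a very small pool presumably causes many get_random_bytes() calls per word; a short comment above the `for` loop saying so would make that cost explicit. The enclosing create_captcha() starts and ends outside this hunk, so the fallback path itself is not visible here.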
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index a8cb3f5c3..cde4b8b4e 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -18,6 +18,7 @@ Bug fixes for 3.0.5
- Fixed a regression in :doc:`Form Helper <helpers/form_helper>` functions :php:func:`set_checkbox()`, :php:func:`set_radio()` where "checked" inputs aren't recognized after a form submit.
- Fixed a bug (#4407) - :doc:`Text Helper <helpers/text_helper>` function :php:func:`word_censor()` doesn't work under PHP 7 if there's no custom replacement provided.
- Fixed a bug (#4415) - :doc:`Form Validation Library <libraries/form_validation>` rule **valid_url** didn't accept URLs with IPv6 addresses enclosed in square brackets under PHP 5 (upstream bug).
+- Fixed a bug (#4427) - :doc:`CAPTCHA Helper <helpers/capcha_helper>` triggers an error if the provided character pool is too small.
Version 3.0.4
=============