From 9272d7717d8b526e966928e851451a257a26b0a5 Mon Sep 17 00:00:00 2001 From: Derk-Jan Hartman Date: Wed, 10 May 2017 11:47:49 +0200 Subject: [PATCH] CryptRand: only use random_bytes on php 7 and HHVM This avoids random_bytes polyfills used on older versions of PHP or HHVM. HHVM has had random_bytes longer than PHP so treat it separately. Bug: T143788 Change-Id: Ic9e511ccc043d50e0a9051cdfe069c27e4f4c339 --- includes/libs/CryptRand.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/includes/libs/CryptRand.php b/includes/libs/CryptRand.php index 0d3613ae23..4b4a913569 100644 --- a/includes/libs/CryptRand.php +++ b/includes/libs/CryptRand.php @@ -247,8 +247,11 @@ class CryptRand { // On Linux, getrandom syscall will be used if available. // On Windows CryptGenRandom will always be used // On other platforms, /dev/urandom will be used. + // Avoids polyfills from before php 7.0 // All error situations will throw Exceptions and or Errors - if ( function_exists( 'random_bytes' ) ) { + if ( PHP_VERSION_ID >= 70000 + || ( defined( 'HHVM_VERSION_ID' ) && HHVM_VERSION_ID >= 31101 ) + ) { $rem = $bytes - strlen( $buffer ); $buffer .= random_bytes( $rem ); } -- 2.20.1