composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-25 19:48:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°1529: Correct wrong constant name for Mcrypt, handle iv generation fails to avoid data corruption

Browse Source
This commit is contained in:
Stephen Abello
2019-04-24 11:44:43 +02:00
parent 87ee731dbe
commit 99f398a87e
1 changed files with 24 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
core/simplecrypt.class.inc.php
View File

@@ -261,7 +261,10 @@ class SimpleCryptMcryptEngine implements CryptEngine
public function Encrypt($key, $sString)
{
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($this->td), MCRYPT_RAND_URANDOM); // MCRYPT_RAND_URANDOM is now useable since itop requires php >= 5.6
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($this->td), MCRYPT_DEV_URANDOM); // MCRYPT_DEV_URANDOM is now useable since itop requires php >= 5.6
if (false === $iv) {
throw new Exception('IV generation failed');
}
mcrypt_generic_init($this->td, $key, $iv);
if (empty($sString))
{