WordPress.org

Make WordPress Core

Changeset 35365


Ignore:
Timestamp:
10/23/2015 04:21:01 AM (4 years ago)
Author:
dd32
Message:

Update to Random_Compat 1.0.9.
This update includes fixes for Windows support & libSodium support, and removes the Throwable Polyfill due to PHP7 incompatibilities.

Fixes #28633

Location:
trunk/src/wp-includes
Files:
2 added
9 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/pluggable.php

    r35339 r35365  
    21892189                $use_random_int_functionality = false;
    21902190            }
    2191         } catch ( Throwable $t ) {
     2191        } catch ( Error $e ) {
    21922192            $use_random_int_functionality = false;
    21932193        } catch ( Exception $e ) {
  • trunk/src/wp-includes/random_compat/byte_safe_strings.php

    r34922 r35365  
    2828
    2929if (!function_exists('RandomCompat_strlen')) {
    30     if (defined('MB_OVERLOAD_STRING') && ini_get('mbstring.func_overload') & MB_OVERLOAD_STRING) {
     30    if (
     31        defined('MB_OVERLOAD_STRING') &&
     32        ini_get('mbstring.func_overload') & MB_OVERLOAD_STRING
     33    ) {
    3134        /**
    3235         * strlen() implementation that isn't brittle to mbstring.func_overload
     
    7578
    7679if (!function_exists('RandomCompat_substr')) {
    77     if (defined('MB_OVERLOAD_STRING') && ini_get('mbstring.func_overload') & MB_OVERLOAD_STRING) {
     80    if (
     81        defined('MB_OVERLOAD_STRING') &&
     82        ini_get('mbstring.func_overload') & MB_OVERLOAD_STRING
     83    ) {
    7884        /**
    7985         * substr() implementation that isn't brittle to mbstring.func_overload
  • trunk/src/wp-includes/random_compat/error_polyfill.php

    r34981 r35365  
    2727 */
    2828
    29 if (!interface_exists('Throwable', false)) {
    30     interface Throwable
    31     {
    32     }
    33 }
    34 
    3529if (!class_exists('Error', false)) {
    3630    // We can't really avoid making this extend Exception in PHP 5.
    37     class Error extends Exception implements Throwable
     31    class Error extends Exception
    3832    {
    3933       
  • trunk/src/wp-includes/random_compat/random.php

    r34922 r35365  
    2929if (!defined('PHP_VERSION_ID')) {
    3030    // This constant was introduced in PHP 5.2.7
    31     $version = explode('.', PHP_VERSION);
    32     define('PHP_VERSION_ID', ($version[0] * 10000 + $version[1] * 100 + $version[2]));
     31    $RandomCompatversion = explode('.', PHP_VERSION);
     32    define('PHP_VERSION_ID', ($RandomCompatversion[0] * 10000 + $RandomCompatversion[1] * 100 + $RandomCompatversion[2]));
     33    unset($RandomCompatversion);
    3334}
    3435if (PHP_VERSION_ID < 70000) {
     
    3637        define('RANDOM_COMPAT_READ_BUFFER', 8);
    3738    }
    38     require_once "byte_safe_strings.php";
    39     require_once "error_polyfill.php";
     39    $__DIR__ = dirname(__FILE__);
     40    require_once $__DIR__.'/byte_safe_strings.php';
     41    require_once $__DIR__.'/cast_to_int.php';
     42    require_once $__DIR__.'/error_polyfill.php';
    4043    if (!function_exists('random_bytes')) {
    4144        /**
     
    4649         *
    4750         * In order of preference:
    48          *   1. fread() /dev/urandom if available
    49          *   2. mcrypt_create_iv($bytes, MCRYPT_CREATE_IV)
    50          *   3. COM('CAPICOM.Utilities.1')->GetRandom()
    51          *   4. openssl_random_pseudo_bytes()
     51         *   1. Use libsodium if available.
     52         *   2. fread() /dev/urandom if available (never on Windows)
     53         *   3. mcrypt_create_iv($bytes, MCRYPT_CREATE_IV)
     54         *   4. COM('CAPICOM.Utilities.1')->GetRandom()
     55         *   5. openssl_random_pseudo_bytes() (absolute last resort)
    5256         *
    5357         * See ERRATA.md for our reasoning behind this particular order
    5458         */
    55         if (!ini_get('open_basedir') && is_readable('/dev/urandom')) {
     59        if (extension_loaded('libsodium')) {
     60            // See random_bytes_libsodium.php
     61            require_once $__DIR__.'/random_bytes_libsodium.php';
     62        }
     63        if (
     64            !function_exists('random_bytes') &&
     65            DIRECTORY_SEPARATOR === '/' &&
     66            @is_readable('/dev/urandom')
     67        ) {
     68            // DIRECTORY_SEPARATOR === '/' on Unix-like OSes -- this is a fast
     69            // way to exclude Windows.
     70            //
     71            // Error suppression on is_readable() in case of an open_basedir or
     72            // safe_mode failure. All we care about is whether or not we can
     73            // read it at this point. If the PHP environment is going to panic
     74            // over trying to see if the file can be read in the first place,
     75            // that is not helpful to us here.
     76           
    5677            // See random_bytes_dev_urandom.php
    57             require_once "random_bytes_dev_urandom.php";
    58         } elseif (PHP_VERSION_ID >= 50307 && function_exists('mcrypt_create_iv')) {
     78            require_once $__DIR__.'/random_bytes_dev_urandom.php';
     79        }
     80        if (
     81            !function_exists('random_bytes') &&
     82            PHP_VERSION_ID >= 50307 &&
     83            extension_loaded('mcrypt')
     84        ) {
    5985            // See random_bytes_mcrypt.php
    60             require_once "random_bytes_mcrypt.php";
    61         } elseif (extension_loaded('com_dotnet')) {
    62             // See random_bytes_com_dotnet.php
    63             require_once "random_bytes_com_dotnet.php";
    64         } elseif (function_exists('openssl_random_pseudo_bytes')) {
     86            require_once $__DIR__.'/random_bytes_mcrypt.php';
     87        }
     88        if (
     89            !function_exists('random_bytes') &&
     90            extension_loaded('com_dotnet') &&
     91            class_exists('COM')
     92        ) {
     93            try {
     94                $RandomCompatCOMtest = new COM('CAPICOM.Utilities.1');
     95                if (method_exists($RandomCompatCOMtest, 'GetRandom')) {
     96                    // See random_bytes_com_dotnet.php
     97                    require_once $__DIR__.'/random_bytes_com_dotnet.php';
     98                }
     99            } catch (com_exception $e) {
     100                // Don't try to use it.
     101            }
     102            unset($RandomCompatCOMtest);
     103        }
     104        if (
     105            !function_exists('random_bytes') &&
     106            extension_loaded('openssl') &&
     107            PHP_VERSION_ID >= 50300
     108        ) {
    65109            // See random_bytes_openssl.php
    66             require_once "random_bytes_openssl.php";
    67         } else {
     110            require_once $__DIR__.'/random_bytes_openssl.php';
     111        }
     112        if (!function_exists('random_bytes')) {
    68113            /**
    69114             * We don't have any more options, so let's throw an exception right now
     
    79124    }
    80125    if (!function_exists('random_int')) {
    81         require_once "random_int.php";
     126        require_once $__DIR__.'/random_int.php';
    82127    }
     128    unset($__DIR__);
    83129}
  • trunk/src/wp-includes/random_compat/random_bytes_com_dotnet.php

    r34922 r35365  
    4040function random_bytes($bytes)
    4141{
    42     if (!is_int($bytes)) {
     42    try {
     43        $bytes = RandomCompat_intval($bytes);
     44    } catch (TypeError $ex) {
    4345        throw new TypeError(
    44             'Length must be an integer'
     46            'random_bytes(): $bytes must be an integer'
    4547        );
    4648    }
  • trunk/src/wp-includes/random_compat/random_bytes_dev_urandom.php

    r34922 r35365  
    7575        }
    7676    }
    77     if (!is_int($bytes)) {
     77    try {
     78        $bytes = RandomCompat_intval($bytes);
     79    } catch (TypeError $ex) {
    7880        throw new TypeError(
    79             'Length must be an integer'
     81            'random_bytes(): $bytes must be an integer'
    8082        );
    8183    }
  • trunk/src/wp-includes/random_compat/random_bytes_mcrypt.php

    r34922 r35365  
    4242function random_bytes($bytes)
    4343{
    44     if (!is_int($bytes)) {
     44    try {
     45        $bytes = RandomCompat_intval($bytes);
     46    } catch (TypeError $ex) {
    4547        throw new TypeError(
    46             'Length must be an integer'
     48            'random_bytes(): $bytes must be an integer'
    4749        );
    4850    }
     
    5355    }
    5456
    55     $buf = mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM);
     57    $buf = @mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM);
    5658    if ($buf !== false) {
    5759        if (RandomCompat_strlen($buf) === $bytes) {
  • trunk/src/wp-includes/random_compat/random_bytes_openssl.php

    r34922 r35365  
    4242function random_bytes($bytes)
    4343{
    44     if (!is_int($bytes)) {
     44    try {
     45        $bytes = RandomCompat_intval($bytes);
     46    } catch (TypeError $ex) {
    4547        throw new TypeError(
    46             'Length must be an integer'
     48            'random_bytes(): $bytes must be an integer'
    4749        );
    4850    }
  • trunk/src/wp-includes/random_compat/random_int.php

    r34922 r35365  
    4141    /**
    4242     * Type and input logic checks
     43     *
     44     * If you pass it a float in the range (~PHP_INT_MAX, PHP_INT_MAX)
     45     * (non-inclusive), it will sanely cast it to an int. If you it's equal to
     46     * ~PHP_INT_MAX or PHP_INT_MAX, we let it fail as not an integer. Floats
     47     * lose precision, so the <= and => operators might accidentally let a float
     48     * through.
    4349     */
    44     if (!is_numeric($min)) {
     50   
     51    try {
     52        $min = RandomCompat_intval($min);
     53    } catch (TypeError $ex) {
    4554        throw new TypeError(
    4655            'random_int(): $min must be an integer'
    4756        );
    4857    }
    49     if (!is_numeric($max)) {
     58    try {
     59        $max = RandomCompat_intval($max);
     60    } catch (TypeError $ex) {
    5061        throw new TypeError(
    5162            'random_int(): $max must be an integer'
    5263        );
    5364    }
    54 
    55     $min = (int) $min;
    56     $max = (int) $max;
    57 
     65   
     66    /**
     67     * Now that we've verified our weak typing system has given us an integer,
     68     * let's validate the logic then we can move forward with generating random
     69     * integers along a given range.
     70     */
    5871    if ($min > $max) {
    5972        throw new Error(
     
    165178         * If $val overflows to a floating point number,
    166179         * ... or is larger than $max,
    167          * ... or smaller than $int,
     180         * ... or smaller than $min,
    168181         * then try again.
    169182         */
Note: See TracChangeset for help on using the changeset viewer.