Changeset 35365
- Timestamp:
- 10/23/2015 04:21:01 AM (9 years ago)
- Location:
- trunk/src/wp-includes
- Files:
-
- 2 added
- 9 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/pluggable.php
r35339 r35365 2189 2189 $use_random_int_functionality = false; 2190 2190 } 2191 } catch ( Throwable $t) {2191 } catch ( Error $e ) { 2192 2192 $use_random_int_functionality = false; 2193 2193 } catch ( Exception $e ) { -
trunk/src/wp-includes/random_compat/byte_safe_strings.php
r34922 r35365 28 28 29 29 if (!function_exists('RandomCompat_strlen')) { 30 if (defined('MB_OVERLOAD_STRING') && ini_get('mbstring.func_overload') & MB_OVERLOAD_STRING) { 30 if ( 31 defined('MB_OVERLOAD_STRING') && 32 ini_get('mbstring.func_overload') & MB_OVERLOAD_STRING 33 ) { 31 34 /** 32 35 * strlen() implementation that isn't brittle to mbstring.func_overload … … 75 78 76 79 if (!function_exists('RandomCompat_substr')) { 77 if (defined('MB_OVERLOAD_STRING') && ini_get('mbstring.func_overload') & MB_OVERLOAD_STRING) { 80 if ( 81 defined('MB_OVERLOAD_STRING') && 82 ini_get('mbstring.func_overload') & MB_OVERLOAD_STRING 83 ) { 78 84 /** 79 85 * substr() implementation that isn't brittle to mbstring.func_overload -
trunk/src/wp-includes/random_compat/error_polyfill.php
r34981 r35365 27 27 */ 28 28 29 if (!interface_exists('Throwable', false)) {30 interface Throwable31 {32 }33 }34 35 29 if (!class_exists('Error', false)) { 36 30 // We can't really avoid making this extend Exception in PHP 5. 37 class Error extends Exception implements Throwable31 class Error extends Exception 38 32 { 39 33 -
trunk/src/wp-includes/random_compat/random.php
r34922 r35365 29 29 if (!defined('PHP_VERSION_ID')) { 30 30 // This constant was introduced in PHP 5.2.7 31 $version = explode('.', PHP_VERSION); 32 define('PHP_VERSION_ID', ($version[0] * 10000 + $version[1] * 100 + $version[2])); 31 $RandomCompatversion = explode('.', PHP_VERSION); 32 define('PHP_VERSION_ID', ($RandomCompatversion[0] * 10000 + $RandomCompatversion[1] * 100 + $RandomCompatversion[2])); 33 unset($RandomCompatversion); 33 34 } 34 35 if (PHP_VERSION_ID < 70000) { … … 36 37 define('RANDOM_COMPAT_READ_BUFFER', 8); 37 38 } 38 require_once "byte_safe_strings.php"; 39 require_once "error_polyfill.php"; 39 $__DIR__ = dirname(__FILE__); 40 require_once $__DIR__.'/byte_safe_strings.php'; 41 require_once $__DIR__.'/cast_to_int.php'; 42 require_once $__DIR__.'/error_polyfill.php'; 40 43 if (!function_exists('random_bytes')) { 41 44 /** … … 46 49 * 47 50 * In order of preference: 48 * 1. fread() /dev/urandom if available 49 * 2. mcrypt_create_iv($bytes, MCRYPT_CREATE_IV) 50 * 3. COM('CAPICOM.Utilities.1')->GetRandom() 51 * 4. openssl_random_pseudo_bytes() 51 * 1. Use libsodium if available. 52 * 2. fread() /dev/urandom if available (never on Windows) 53 * 3. mcrypt_create_iv($bytes, MCRYPT_CREATE_IV) 54 * 4. COM('CAPICOM.Utilities.1')->GetRandom() 55 * 5. openssl_random_pseudo_bytes() (absolute last resort) 52 56 * 53 57 * See ERRATA.md for our reasoning behind this particular order 54 58 */ 55 if (!ini_get('open_basedir') && is_readable('/dev/urandom')) { 59 if (extension_loaded('libsodium')) { 60 // See random_bytes_libsodium.php 61 require_once $__DIR__.'/random_bytes_libsodium.php'; 62 } 63 if ( 64 !function_exists('random_bytes') && 65 DIRECTORY_SEPARATOR === '/' && 66 @is_readable('/dev/urandom') 67 ) { 68 // DIRECTORY_SEPARATOR === '/' on Unix-like OSes -- this is a fast 69 // way to exclude Windows. 70 // 71 // Error suppression on is_readable() in case of an open_basedir or 72 // safe_mode failure. All we care about is whether or not we can 73 // read it at this point. If the PHP environment is going to panic 74 // over trying to see if the file can be read in the first place, 75 // that is not helpful to us here. 76 56 77 // See random_bytes_dev_urandom.php 57 require_once "random_bytes_dev_urandom.php"; 58 } elseif (PHP_VERSION_ID >= 50307 && function_exists('mcrypt_create_iv')) { 78 require_once $__DIR__.'/random_bytes_dev_urandom.php'; 79 } 80 if ( 81 !function_exists('random_bytes') && 82 PHP_VERSION_ID >= 50307 && 83 extension_loaded('mcrypt') 84 ) { 59 85 // See random_bytes_mcrypt.php 60 require_once "random_bytes_mcrypt.php"; 61 } elseif (extension_loaded('com_dotnet')) { 62 // See random_bytes_com_dotnet.php 63 require_once "random_bytes_com_dotnet.php"; 64 } elseif (function_exists('openssl_random_pseudo_bytes')) { 86 require_once $__DIR__.'/random_bytes_mcrypt.php'; 87 } 88 if ( 89 !function_exists('random_bytes') && 90 extension_loaded('com_dotnet') && 91 class_exists('COM') 92 ) { 93 try { 94 $RandomCompatCOMtest = new COM('CAPICOM.Utilities.1'); 95 if (method_exists($RandomCompatCOMtest, 'GetRandom')) { 96 // See random_bytes_com_dotnet.php 97 require_once $__DIR__.'/random_bytes_com_dotnet.php'; 98 } 99 } catch (com_exception $e) { 100 // Don't try to use it. 101 } 102 unset($RandomCompatCOMtest); 103 } 104 if ( 105 !function_exists('random_bytes') && 106 extension_loaded('openssl') && 107 PHP_VERSION_ID >= 50300 108 ) { 65 109 // See random_bytes_openssl.php 66 require_once "random_bytes_openssl.php"; 67 } else { 110 require_once $__DIR__.'/random_bytes_openssl.php'; 111 } 112 if (!function_exists('random_bytes')) { 68 113 /** 69 114 * We don't have any more options, so let's throw an exception right now … … 79 124 } 80 125 if (!function_exists('random_int')) { 81 require_once "random_int.php";126 require_once $__DIR__.'/random_int.php'; 82 127 } 128 unset($__DIR__); 83 129 } -
trunk/src/wp-includes/random_compat/random_bytes_com_dotnet.php
r34922 r35365 40 40 function random_bytes($bytes) 41 41 { 42 if (!is_int($bytes)) { 42 try { 43 $bytes = RandomCompat_intval($bytes); 44 } catch (TypeError $ex) { 43 45 throw new TypeError( 44 ' Lengthmust be an integer'46 'random_bytes(): $bytes must be an integer' 45 47 ); 46 48 } -
trunk/src/wp-includes/random_compat/random_bytes_dev_urandom.php
r34922 r35365 75 75 } 76 76 } 77 if (!is_int($bytes)) { 77 try { 78 $bytes = RandomCompat_intval($bytes); 79 } catch (TypeError $ex) { 78 80 throw new TypeError( 79 ' Lengthmust be an integer'81 'random_bytes(): $bytes must be an integer' 80 82 ); 81 83 } -
trunk/src/wp-includes/random_compat/random_bytes_mcrypt.php
r34922 r35365 42 42 function random_bytes($bytes) 43 43 { 44 if (!is_int($bytes)) { 44 try { 45 $bytes = RandomCompat_intval($bytes); 46 } catch (TypeError $ex) { 45 47 throw new TypeError( 46 ' Lengthmust be an integer'48 'random_bytes(): $bytes must be an integer' 47 49 ); 48 50 } … … 53 55 } 54 56 55 $buf = mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM);57 $buf = @mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM); 56 58 if ($buf !== false) { 57 59 if (RandomCompat_strlen($buf) === $bytes) { -
trunk/src/wp-includes/random_compat/random_bytes_openssl.php
r34922 r35365 42 42 function random_bytes($bytes) 43 43 { 44 if (!is_int($bytes)) { 44 try { 45 $bytes = RandomCompat_intval($bytes); 46 } catch (TypeError $ex) { 45 47 throw new TypeError( 46 ' Lengthmust be an integer'48 'random_bytes(): $bytes must be an integer' 47 49 ); 48 50 } -
trunk/src/wp-includes/random_compat/random_int.php
r34922 r35365 41 41 /** 42 42 * Type and input logic checks 43 * 44 * If you pass it a float in the range (~PHP_INT_MAX, PHP_INT_MAX) 45 * (non-inclusive), it will sanely cast it to an int. If you it's equal to 46 * ~PHP_INT_MAX or PHP_INT_MAX, we let it fail as not an integer. Floats 47 * lose precision, so the <= and => operators might accidentally let a float 48 * through. 43 49 */ 44 if (!is_numeric($min)) { 50 51 try { 52 $min = RandomCompat_intval($min); 53 } catch (TypeError $ex) { 45 54 throw new TypeError( 46 55 'random_int(): $min must be an integer' 47 56 ); 48 57 } 49 if (!is_numeric($max)) { 58 try { 59 $max = RandomCompat_intval($max); 60 } catch (TypeError $ex) { 50 61 throw new TypeError( 51 62 'random_int(): $max must be an integer' 52 63 ); 53 64 } 54 55 $min = (int) $min; 56 $max = (int) $max; 57 65 66 /** 67 * Now that we've verified our weak typing system has given us an integer, 68 * let's validate the logic then we can move forward with generating random 69 * integers along a given range. 70 */ 58 71 if ($min > $max) { 59 72 throw new Error( … … 165 178 * If $val overflows to a floating point number, 166 179 * ... or is larger than $max, 167 * ... or smaller than $ int,180 * ... or smaller than $min, 168 181 * then try again. 169 182 */
Note: See TracChangeset
for help on using the changeset viewer.