Skip to content

fix random_bytes(0) and Random\Randomizer::getBytes(0) #12216

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

fix random_bytes(0) and Random\Randomizer::getBytes(0) #12216

wants to merge 5 commits into from

Conversation

divinity76
Copy link
Contributor

@divinity76 divinity76 commented Sep 15, 2023
edited
Loading 

random_bytes(0); // emptystring. previously: ValueError: random_bytes(): Argument #1 ($length) must be greater than 0

(new Random\Randomizer())->getBytes(0); // emptystring. previously: ValueError: Random\Randomizer::getBytes(): Argument #1 ($length) must be greater than 0

(new Random\Randomizer())->getBytesFromString("", 0); // emptystring. previously: ValueError (...)

(new Random\Randomizer())->getBytesFromString("", 1); // still a ValueError :)

@TimWolla
Copy link
Member

Reference to the old bug tracker for prior discussion: https://bugs.php.net/bug.php?id=80214

TimWolla
TimWolla reviewed Sep 15, 2023
View reviewed changes
Copy link
Member

@TimWolla TimWolla left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Randomizer::getBytes() should be adjusted for consistency. I agree that retrieving zero random bytes is not per se wrong, but I understand the concerns in the previous bug. I'll give this some thought, this is a preliminary technical review.

@divinity76

This comment was marked as outdated.

Sign in to view
@divinity76
Copy link
Contributor Author

Randomizer::getBytes() should be adjusted for consistency. I agree that retrieving zero random bytes is not per se wrong, but I understand the concerns in the previous bug. I'll give this some thought, this is a preliminary technical review.

added 0 support for Randomizer, please re-check the code when convenient

@divinity76 divinity76 changed the title fix random_bytes(0); fix random_bytes(0) and Randomizer::getBytes(0) Sep 15, 2023
@divinity76 divinity76 changed the title fix random_bytes(0) and Randomizer::getBytes(0) fix random_bytes(0) and Randomizer\Randomizer::getBytes(0) Sep 15, 2023
@divinity76 divinity76 changed the title fix random_bytes(0) and Randomizer\Randomizer::getBytes(0) fix random_bytes(0) and Random\Randomizer::getBytes(0) Sep 15, 2023
TimWolla
TimWolla reviewed Sep 15, 2023
View reviewed changes
divinity76 added a commit to divinity76/php-src that referenced this pull request Sep 22, 2023
@divinity76
remove support for getBytesFromString("",0);
8232c5c 
for consistency, I would prefer to actually support this, but TimWolla disagrees, and i cba fighting for it (it's an edge-case after all): php#12216 (comment)
@divinity76
remove support for getBytesFromString("",0);
326094a 
for consistency, I would prefer to actually support this, but TimWolla disagrees, and i cba fighting for it (it's an edge-case after all): php#12216 (comment)
TimWolla
TimWolla reviewed Sep 23, 2023
View reviewed changes
Copy link
Member

@TimWolla TimWolla left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've now tested the branch locally and looked through the related bug report and have a question about this:

What should the behavior of

<?php

use Random\Engine;
use Random\Randomizer;

final class ThrowingEngine implements Engine
{
    public function generate(): string
    {
        throw new Exception('Error');
    }
} 

$randomizer = new Randomizer(new ThrowingEngine());

var_dump($randomizer->getBytes(0));

be? And likely what should the behavior of random_bytes(0) be if the CSPRNG fails (both getrandom() and /dev/urandom) unavailable? It would probably be a good thing if random_bytes(0) would allow to test if the CSPRNG is functional.

On the other hand, Randomizer::shuffleBytes() and Randomizer::shuffleArray() do not currently make any calls to the engine for an empty string and empty array respectively.

Unfortunately the last commenter on the bug report just said that:

I can think of at least three potential issues if php_random_bytes(0) always succeeded

But didn't spell out what issues they were thinking of.

This probably does not require a full-blown RFC, but a discussion on the PHP Internals mailing list would probably be appropriate to decide on the desired semantics.

@TimWolla
Copy link
Member

On the other hand, Randomizer::shuffleBytes() and Randomizer::shuffleArray() do not currently make any calls to the engine for an empty string and empty array respectively.

In fact they don't do for single-element strings or arrays either.

@TimWolla
Copy link
Member

One more question: Should zero also be legal for Randomizer::pickArrayKeys()'s $num parameter?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@TimWolla TimWolla TimWolla left review comments

@zeriyoshi zeriyoshi Awaiting requested review from zeriyoshi zeriyoshi is a code owner

Assignees
No one assigned
Labels
Extension: random
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@divinity76 @TimWolla