mcrypt_create_iv always fails to gather sufficient random data

Bug #55169 mcrypt_create_iv always fails to gather sufficient random data
Submitted: 2011-07-09 16:23 UTC Modified: 2011-07-23 06:21 UTC
From: nikic@php.net Assigned: pajoye (profile)
Status: Closed Package: mcrypt related
PHP Version: 5.4SVN-2011-07-09 (snap) OS: Windows 7
Private report: No CVE-ID: None

 [2011-07-09 16:23 UTC] nikic@php.net

Description:
------------
When using the 5.4 snaps calling mcrypt_create_iv with either MCRYPT_DEV_RANDOM or MCRYPT_DEV_URANDOM as source always fails to gather sufficient random data regardless of the specified size.

(Could be related: http://svn.php.net/viewvc?view=revision&revision=312201 )

Test script:
---------------
<?php var_dump(mcrypt_create_iv(1, MCRYPT_DEV_URANDOM));

Expected result:
----------------
string 'm' (length=1)
[or similar]

Actual result:
--------------
Fatal error: mcrypt_create_iv() [<a href='function.mcrypt-create-iv'>function.mcrypt-create-iv</a>]: Could not gather sufficient random data in D:\htdocs\stack\quick.php on line 3

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

 [2011-07-09 16:26 UTC] nikic@php.net

Some further notes:

The code always fails, not just sometimes.
It fails regardless of the specified size.
It worked on PHP 5.3.1 (haven't tested later versions).

 [2011-07-10 10:37 UTC] pajoye@php.net

I apply a fix to all branches (5.3 was possibly affected as well). Please try a 
snapshot with the revision id equal or higher to the commit referred here.

 [2011-07-10 11:09 UTC] nikic@php.net

I just tried snaps for 312169 and 312203. The former still worked, but the latter was already broken:

D:\htdocs\stack>C:\php312169\php.exe -f quick.php
string(1) "ð"

D:\htdocs\stack>C:\php312203\php.exe -f quick.php

Fatal error: mcrypt_create_iv(): Could not gather sufficient random data in D:\h
tdocs\stack\quick.php on line 3

 [2011-07-10 11:12 UTC] nikic@php.net

Just tried the snap for 312201, too, and it seems to work there too. Does that mean that either 312202 or 312203 broke it?

D:\htdocs\stack>C:\php312201\php.exe -f quick.php
string(1) "B"

 [2011-07-10 11:19 UTC] nikic@php.net

Oi, I didn't see your comment, I'm sorry. I will try as soon as a binary is available ;)

 [2011-07-10 11:32 UTC] pajoye@php.net

yes, 313110 or higher is what you have to test (see the commit in this report, the 
commits tab).

 [2011-07-10 14:32 UTC] nikic@php.net

I'm still seeing the issue in 313114:

D:\htdocs\stack>C:\php313114\php.exe -f quick.php

Warning: mcrypt_create_iv(): Could not gather sufficient random data in D:\htdoc
s\stack\quick.php on line 3
bool(false)

 [2011-07-10 14:53 UTC] nikic@php.net

I just tried using an nts instead of a ts build, and it worked there. So it's seems to be some thread safety related problem.

 [2011-07-10 16:58 UTC] pajoye@php.net

I can't reproduce the problem, are you sure you used the right binaries?


c:\test\php540r313114>php -d extension_dir=ext -d extension=php_openssl.dll -r 
"var_dump(mcrypt_create_iv(1, MCRYPT_DEV_URANDOM));"
string(1) "☺"

and using NTS:

c:\test\php540ntsr313114>php -d extension_dir=ext -d extension=php_openssl.dll -
r "var_dump(mcrypt_create_iv(1, MCRYPT_DEV_URANDOM));"
string(1) "║"

 [2011-07-10 17:38 UTC] nikic@php.net

-Status: Feedback +Status: Closed -Assigned To: +Assigned To: nikic

 [2011-07-10 17:38 UTC] nikic@php.net

Hm, seems like I indeed used some wrong binary. I have just downloaded 313114ts again and it worked :)

Thanks for the quick fix and sorry for the confusion ^^

Closing this then ;)

 [2011-07-10 17:41 UTC] nikic@php.net

-Assigned To: nikic +Assigned To: pajoye

 [2011-07-10 17:41 UTC] nikic@php.net

Argh, I just can't handle this bugtracker :( Seems like it assignes the bug to me if I leave the "Assign to" field empty.

 [2011-07-11 11:06 UTC] aharvey@php.net

-Status: Closed +Status: Bogus -Assigned To: pajoye +Assigned To:

 [2011-07-11 12:50 UTC] aharvey@php.net

I did. Sorry, misread the bug. The lesson is that I need to do one thing at once, 
rather than ten. :)

 [2011-07-11 14:20 UTC] nikic@php.net

-Status: Open +Status: Closed

 [2011-07-11 14:20 UTC] nikic@php.net

Okay, closing it again then ;)

 [2011-07-11 14:23 UTC] pajoye@php.net

-Status: Closed +Status: Assigned -Assigned To: +Assigned To: pajoye

 [2011-07-11 14:23 UTC] pajoye@php.net

just assigning it to me, needs some more testing under apache and IIS, Seldaek is 
still having this problem

 [2011-07-18 13:10 UTC] pajoye@php.net

Quick update, issue fixed in svn (5.3+), keep it open until Ryan applies the new 
tests.

 [2011-07-23 06:21 UTC] pajoye@php.net

-Status: Assigned +Status: Closed