only in patch2:
unchanged:
--- a/includes/bootstrap.inc
+++ b/includes/bootstrap.inc
@@ -2337,7 +2337,20 @@ function drupal_hmac_base64($data, $key) {
   // results of the hash function if they are not scalar values. As this
   // function is used in security-critical contexts like token validation it is
   // important that it never returns an empty string.
-  $hmac = base64_encode(hash_hmac('sha256', (string) $data, (string) $key, TRUE));
+  if (is_scalar($data) || is_object($data) && method_exists($data, '__toString')) {
+    $data = (string) $data;
+  }
+  else {
+    $data = '';
+  }
+  if (is_scalar($key) || is_object($key) && method_exists($key, '__toString')) {
+    $key = (string) $key;
+  }
+  else {
+    $key = '';
+  }
+
+  $hmac = base64_encode(hash_hmac('sha256', $data, $key, TRUE));
   // Modify the hmac so it's safe to use in URLs.
   return strtr($hmac, array('+' => '-', '/' => '_', '=' => ''));
 }
only in patch2:
unchanged:
--- a/modules/simpletest/tests/file.test
+++ b/modules/simpletest/tests/file.test
@@ -963,7 +963,7 @@ class FileDirectoryTest extends FileTestCase {
       $this->fail('Expected exception not thrown');
     }
     catch (RuntimeException $e) {
-      $this->assertEqual("Invalid filename '$filename'", $e->getMessage());
+      $this->assertEqual("Invalid filename '$filename'", $e->getMessage(), 'Invalid filename has been detected and RuntimeException has been thrown');
     }
 
     // @TODO: Finally we copy a file into a directory several times, to ensure a properly iterating filename suffix.
only in patch2:
unchanged:
--- a/modules/system/system.test
+++ b/modules/system/system.test
@@ -2973,13 +2973,6 @@ class TokenScanTest extends DrupalWebTestCase {
  */
 class SystemValidTokenTest extends DrupalUnitTestCase {
 
-  /**
-   * Flag to indicate whether PHP error reportings should be asserted.
-   *
-   * @var bool
-   */
-  protected $assertErrors = TRUE;
-
   public static function getInfo() {
     return array(
       'name' => 'Token validation',
@@ -2992,28 +2985,13 @@ class SystemValidTokenTest extends DrupalUnitTestCase {
    * Tests invalid invocations of drupal_valid_token() that must return FALSE.
    */
   public function testTokenValidation() {
-    // The following checks will throw PHP notices, so we disable error
-    // assertions.
-    $this->assertErrors = FALSE;
     $this->assertFalse(drupal_valid_token(NULL, new stdClass()), 'Token NULL, value object returns FALSE.');
     $this->assertFalse(drupal_valid_token(0, array()), 'Token 0, value array returns FALSE.');
     $this->assertFalse(drupal_valid_token('', array()), "Token '', value array returns FALSE.");
     $this->assertFalse('' === drupal_get_token(array()), 'Token generation does not return an empty string on invalid parameters.');
-    $this->assertErrors = TRUE;
-
     $this->assertFalse(drupal_valid_token(TRUE, 'foo'), 'Token TRUE, value foo returns FALSE.');
     $this->assertFalse(drupal_valid_token(0, 'foo'), 'Token 0, value foo returns FALSE.');
   }
-
-  /**
-   * Overrides DrupalTestCase::errorHandler().
-   */
-  public function errorHandler($severity, $message, $file = NULL, $line = NULL) {
-    if ($this->assertErrors) {
-      return parent::errorHandler($severity, $message, $file, $line);
-    }
-    return TRUE;
-  }
 }
 
 /**
only in patch2:
unchanged:
--- a/scripts/run-tests.sh
+++ b/scripts/run-tests.sh
@@ -729,7 +729,7 @@ function simpletest_script_print_error($message) {
  */
 function simpletest_script_print($message, $color_code) {
   global $args;
-  if ($args['color']) {
+  if (isset($args['color'])) {
     echo "\033[" . $color_code . "m" . $message . "\033[0m";
   }
   else {