Validation of the key value in the generic Encryption key type is unreliable. Currently drupal_strlen() is used to determine a key's size, but it fails to calculate the size of binary keys correctly. The default PHP function strlen() should be used instead of drupal_strlen().

CommentFileSizeAuthor
#2 fix_key_value-2674340-2.patch573 bytesrlhawk

Comments

rlhawk created an issue. See original summary.

rlhawk’s picture

rlhawk
Primary language English
Location Seattle, Washington, United States
commented
Assigned: rlhawk » Unassigned
Status: Active » Needs review
StatusFileSize
new fix_key_value-2674340-2.patch573 bytes

Here's the patch to address this issue.

  • rlhawk committed 3512982 on 7.x-3.x 
    Issue #2674340 by rlhawk: Fix key value validation for generic...
rlhawk’s picture

rlhawk
Primary language English
Location Seattle, Washington, United States
commented
Status: Needs review » Fixed

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.