use strict;
use warnings;
use Test::More;
use Crypt::AuthEnc::GCM qw( gcm_encrypt_authenticate );
sub test_one {
my ($pt) = @_;
my ($ct, $tag) = gcm_encrypt_authenticate('AES', '0123456789abcdef', '0123456789ab', '', $pt);
is($ct, 'R');
}
test_one(0);
test_one('0');
done_testing;
The reason is that SvPOK returns a false value when called on a numeric SV, so the line:
if (SvPOK(plaintext)) pt = (unsigned char *) SvPVbyte(plaintext, pt_len);
doesn't call SvPVbyte, and the rest of the code behaves as if it had been passed an undef or an empty string.
Now, we can argue whether passing a number is a sensible thing to do, but at least it should be documented.
Also, SvPOK will return false for blessed references that overload stringification, which are probably a bigger concern.
I would just remove the if, and unconditionally call SvPVbyte, which handles undef and all the other cases just fine. But there may be good reasons not to do that, that I can't see right now.
Example:
The reason is that
SvPOK
returns a false value when called on a numeric SV, so the line:doesn't call
SvPVbyte
, and the rest of the code behaves as if it had been passed anundef
or an empty string.Now, we can argue whether passing a number is a sensible thing to do, but at least it should be documented.
Also,
SvPOK
will return false for blessed references that overload stringification, which are probably a bigger concern.I would just remove the
if
, and unconditionally callSvPVbyte
, which handlesundef
and all the other cases just fine. But there may be good reasons not to do that, that I can't see right now.