DCIT / perl-CryptX

https://metacpan.org/pod/CryptX

Several functions in `CryptX::AuthEnc` deal weirdly with non-simple-string plaintext #105

Open dakkar opened 6 days ago

dakkar commented 6 days ago

Example:

```perl
use strict;
use warnings;
use Test::More;
use Crypt::AuthEnc::GCM qw( gcm_encrypt_authenticate );

sub test_one {
    my ($pt) = @_;
    # 16-byte key (AES-128), 12-byte nonce, empty associated data
    my ($ct, $tag) = gcm_encrypt_authenticate('AES', '0123456789abcdef', '0123456789ab', '', $pt);
    is($ct, 'R');
}

test_one(0);    # numeric SV: ciphertext comes back empty
test_one('0');  # same value as a string: ciphertext is one byte
done_testing;
```

The reason is that SvPOK returns a false value when called on a numeric SV, so the line:

```c
if (SvPOK(plaintext)) pt = (unsigned char *) SvPVbyte(plaintext, pt_len);
```

doesn't call SvPVbyte, and the rest of the code behaves as if it had been passed an undef or an empty string.

Now, we can argue whether passing a number is a sensible thing to do, but at least it should be documented.

Also, SvPOK will return false for blessed references that overload stringification, which are probably a bigger concern.

I would just remove the if, and unconditionally call SvPVbyte, which handles undef and all the other cases just fine. But there may be good reasons not to do that, that I can't see right now.

Leont commented 5 days ago

> I would just remove the if, and unconditionally call SvPVbyte, which handles undef and all the other cases just fine.

It may make more sense to use SvOK instead.
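The failure mode dakkar describes, shown side by side with a caller-side guard, as an added example that is not part of this issue or of CryptX itself. `gcm_encrypt_checked` and the `Payload` class are hypothetical; the key and nonce are constructed for the demonstration.

```perl
use strict;
use warnings;
use Crypt::AuthEnc::GCM qw( gcm_encrypt_authenticate gcm_decrypt_verify );

# Constructed key and nonce for the demonstration only; never reuse a nonce
# with the same key in real code.
my $key = '0123456789abcdef';   # 16 bytes => AES-128
my $iv  = '0123456789ab';       # 12-byte GCM nonce

# Hypothetical caller-side guard (not part of CryptX): stringify the
# plaintext before it reaches the XS layer, so numbers and objects with an
# overloaded "" are seen as strings, then refuse to return a ciphertext whose
# length differs from the plaintext. GCM ciphertext has the same length as
# the plaintext, so a mismatch means the input was silently dropped.
sub gcm_encrypt_checked {
    my ($pt) = @_;
    die "plaintext is undef\n" unless defined $pt;
    my $bytes = "$pt";
    my ($ct, $tag) = gcm_encrypt_authenticate('AES', $key, $iv, '', $bytes);
    die sprintf("ciphertext is %d bytes but plaintext was %d bytes\n",
                length $ct, length $bytes)
        unless length($ct) == length($bytes);
    return ($ct, $tag);
}

# Constructed class whose instances stringify to a payload; SvPOK is false
# on the blessed reference itself, which is the second case in the report.
package Payload {
    use overload '""' => sub { 'payload-from-object' }, fallback => 1;
    sub new { bless {}, shift }
}

for my $pt (0, '0', Payload->new) {
    # Unguarded call: per the report, a numeric SV or an overloaded object is
    # treated like an empty string, giving an empty ciphertext whose tag still
    # verifies, so nothing signals that the data was lost.
    my ($raw_ct, $raw_tag) = gcm_encrypt_authenticate('AES', $key, $iv, '', $pt);
    my $raw_pt = gcm_decrypt_verify('AES', $key, $iv, '', $raw_ct, $raw_tag);

    # Guarded call: the value is stringified first, so the ciphertext covers it.
    my ($ct, $tag) = gcm_encrypt_checked($pt);
    my $back = gcm_decrypt_verify('AES', $key, $iv, '', $ct, $tag);

    printf "%-22s unguarded: ct=%d bytes, decrypts to %s; guarded: ct=%d bytes, decrypts to '%s'\n",
        "'$pt'", length $raw_ct, defined $raw_pt ? "'$raw_pt'" : 'undef',
        length $ct, $back;
}
```

On a build that still has the SvPOK check, the unguarded column shows a 0-byte ciphertext for `0` and for the object while the guarded column round-trips the stringified value.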