laruence
commented
2 years ago hmmm, not sure, I need to reproduce it locally
Closed remicollet closed 2 years ago
laruence
commented
2 years ago hmmm, not sure, I need to reproduce it locally
laruence
commented
2 years ago could you please try to find out (by editing the test) which part is wrong?
return ($provider == "Yar" && ($token == md5("yar") || $token == substr(md5("yar"), 0, 18)));get the value of $provider and $token
remicollet
commented
2 years ago Tried on PHP 7.4, track $token using
if (!($provider == "Yar" && ($token == md5("yar") || $token == substr(md5("yar"), 0, 18)))) {
throw new Exception("prv=$provider\nmd5=" . md5("yar") . "(" . strlen(md5("yar")) . ")\ntok=$token(".strlen($token).")\n");
}
And I notice a additional char is present in retrieved value
array(5) {
["message"]=>
string(92) "prv=Yar
md5=883452d07c625e5dbbcdaaa47f0aa92d(32)
tok=883452d07c625e5dbbcdaaa47f0aa92d�(33)
"
["code"]=>
int(0)
["file"]=>
string(67) "/builddir/build/BUILD/php-pecl-yar-2.3.0/NTS/tests/htdocs/index.php"
["line"]=>
int(6)
["_type"]=>
string(9) "Exception"
}
in yar_protocol.h
unsigned char provider[32];
unsigned char token[32];So this is enough to store the 32 chars but not the NUL ending byte so as the string is not nul terminated, strlen cannot be used
In yar_protocol.c
if (token) {
memcpy(header->token, token, MIN(strlen(token), 32));
}
could be related to old libcurl (encountered on RHEL 7 and 8 with libcurl 7.29 / 7.61) ?