1
0
mirror of https://github.com/danog/phpseclib.git synced 2025-01-22 04:51:19 +01:00

Crypt/Base: limit conditions under which safe_intval is used

This commit is contained in:
terrafrost 2022-07-23 09:22:00 -05:00
parent 22e66a4e3c
commit ccbb116db3

View File

@ -2654,6 +2654,25 @@ class Crypt_Base
// PHP_OS & "\xDF\xDF\xDF" == strtoupper(substr(PHP_OS, 0, 3)), but a lot faster
case (PHP_OS & "\xDF\xDF\xDF") === 'WIN':
return $x;
case (php_uname('m') & "\xDF\xDF\xDF") == 'ARM':
switch (true) {
// PHP_VERSION_ID wasn't a constant until PHP 5.2.7
case version_compare(PHP_VERSION, '5.3.0') < 1:
/* PHP 7.0.0 introduced a bug that affected 32-bit ARM processors:
https://github.com/php/php-src/commit/716da71446ebbd40fa6cf2cea8a4b70f504cc3cd
altho the changelogs make no mention of it, this bug was fixed with this commit:
https://github.com/php/php-src/commit/c1729272b17a1fe893d1a54e423d3b71470f3ee8
affected versions of PHP are: 7.0.x, 7.1.0 - 7.1.23 and 7.2.0 - 7.2.11 */
case PHP_VERSION_ID >= 70000 && PHP_VERSION_ID <= 70123:
case PHP_VERSION_ID >= 70200 && PHP_VERSION_ID <= 70211:
break;
default:
return $x;
}
}
return (fmod($x, 0x80000000) & 0x7FFFFFFF) |
((fmod(floor($x / 0x80000000), 2) & 1) << 31);
@ -2674,6 +2693,15 @@ class Crypt_Base
case (PHP_OS & "\xDF\xDF\xDF") === 'WIN':
return '%s';
break;
case (php_uname('m') & "\xDF\xDF\xDF") == 'ARM':
switch (true) {
case version_compare(PHP_VERSION, '5.3.0') < 1:
case PHP_VERSION_ID >= 70000 && PHP_VERSION_ID <= 70123:
case PHP_VERSION_ID >= 70200 && PHP_VERSION_ID <= 70211:
break;
default:
return '%s';
}
default:
$safeint = '(is_int($temp = %s) ? $temp : (fmod($temp, 0x80000000) & 0x7FFFFFFF) | ';
return $safeint . '((fmod(floor($temp / 0x80000000), 2) & 1) << 31))';