MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: Fallback to insecure random for php 5.x if the random_compat submodule isn't loaded

pull/1547/head
iglocska 2016-09-18 16:11:33 +02:00
parent c7414d9e56
commit f6187f8fa5
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
app/Lib/Tools/RandomTool.php
View File

@ -3,7 +3,11 @@
class RandomTool {
public function __construct() {
// import compatibility library for PHP < 7.0
require_once(APP . 'Lib' . DS . 'random_compat' . DS . 'lib' . DS . 'random.php');
if (!function_exists('random_int')) {
if (file_exists(APP . 'Lib' . DS . 'random_compat' . DS . 'lib' . DS . 'random.php')) {
require_once(APP . 'Lib' . DS . 'random_compat' . DS . 'lib' . DS . 'random.php');
}
}
}
/**
@ -61,7 +65,7 @@ class RandomTool {
// Now that we have good data, this is the meat of our function:
$random_str = '';
for ($i = 0; $i < $length; ++$i) {
if ($crypto_secure) {
if ($crypto_secure && function_exists('random_int')) {
$r = random_int(0, $charset_max);
} else {
$r = mt_rand(0, $charset_max);