diff --git a/phpseclib/Crypt/Random.php b/phpseclib/Crypt/Random.php index 8f53eb31..e0961a72 100644 --- a/phpseclib/Crypt/Random.php +++ b/phpseclib/Crypt/Random.php @@ -151,7 +151,10 @@ class Random (isset($_POST) ? phpseclib_safe_serialize($_POST) : '') . (isset($_GET) ? phpseclib_safe_serialize($_GET) : '') . (isset($_COOKIE) ? phpseclib_safe_serialize($_COOKIE) : '') . - phpseclib_safe_serialize($GLOBALS) . + // as of PHP 8.1 $GLOBALS cann't be accessed by reference, which eliminates + // the need for phpseclib_safe_serialize. see https://wiki.php.net/rfc/restrict_globals_usage + // for more info + (version_compare(PHP_VERSION, '8.1.0', '>=') ? serialize($GLOBALS) : phpseclib_safe_serialize($GLOBALS)) . phpseclib_safe_serialize($_SESSION) . phpseclib_safe_serialize($_OLD_SESSION) )); diff --git a/phpseclib/Math/BigInteger.php b/phpseclib/Math/BigInteger.php index 7c0b0a8d..8d1291db 100644 --- a/phpseclib/Math/BigInteger.php +++ b/phpseclib/Math/BigInteger.php @@ -372,7 +372,7 @@ class BigInteger break; case self::MODE_BCMATH: // round $len to the nearest 4 (thanks, DavidMJ!) - $len = (strlen($x) + 3) & 0xFFFFFFFC; + $len = (strlen($x) + 3) & ~3; $x = str_pad($x, $len, chr(0), STR_PAD_LEFT); diff --git a/phpseclib/Net/SFTP.php b/phpseclib/Net/SFTP.php index ade0ea5c..e0561c74 100644 --- a/phpseclib/Net/SFTP.php +++ b/phpseclib/Net/SFTP.php @@ -422,7 +422,7 @@ class SFTP extends SSH2 // yields inconsistent behavior depending on how php is compiled. so we left shift -1 (which, in // two's compliment, consists of all 1 bits) by 31. on 64-bit systems this'll yield 0xFFFFFFFF80000000. // that's not a problem, however, and 'anded' and a 32-bit number, as all the leading 1 bits are ignored. - (-1 << 31) & 0xFFFFFFFF => 'NET_SFTP_ATTR_EXTENDED' + (PHP_INT_SIZE == 4 ? -1 : 0xFFFFFFFF) => 'NET_SFTP_ATTR_EXTENDED' ); $this->open_flags = array( 0x00000001 => 'NET_SFTP_OPEN_READ',