From ccbb116db3dfd2eb7fad22777fc82f5659831706 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sat, 23 Jul 2022 09:22:00 -0500 Subject: [PATCH 1/2] Crypt/Base: limit conditions under which safe_intval is used --- phpseclib/Crypt/Base.php | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/phpseclib/Crypt/Base.php b/phpseclib/Crypt/Base.php index d971e5a1..c1cd98d9 100644 --- a/phpseclib/Crypt/Base.php +++ b/phpseclib/Crypt/Base.php @@ -2654,6 +2654,25 @@ class Crypt_Base // PHP_OS & "\xDF\xDF\xDF" == strtoupper(substr(PHP_OS, 0, 3)), but a lot faster case (PHP_OS & "\xDF\xDF\xDF") === 'WIN': return $x; + case (php_uname('m') & "\xDF\xDF\xDF") == 'ARM': + switch (true) { + // PHP_VERSION_ID wasn't a constant until PHP 5.2.7 + case version_compare(PHP_VERSION, '5.3.0') < 1: + /* PHP 7.0.0 introduced a bug that affected 32-bit ARM processors: + + https://github.com/php/php-src/commit/716da71446ebbd40fa6cf2cea8a4b70f504cc3cd + + altho the changelogs make no mention of it, this bug was fixed with this commit: + + https://github.com/php/php-src/commit/c1729272b17a1fe893d1a54e423d3b71470f3ee8 + + affected versions of PHP are: 7.0.x, 7.1.0 - 7.1.23 and 7.2.0 - 7.2.11 */ + case PHP_VERSION_ID >= 70000 && PHP_VERSION_ID <= 70123: + case PHP_VERSION_ID >= 70200 && PHP_VERSION_ID <= 70211: + break; + default: + return $x; + } } return (fmod($x, 0x80000000) & 0x7FFFFFFF) | ((fmod(floor($x / 0x80000000), 2) & 1) << 31); 
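Review bot: The added `case (php_uname('m') & "\xDF\xDF\xDF") == 'ARM':` calls php_uname() unguarded, and it runs on every call that gets past the `is_int`/`'WIN'` cases visible here. Where php_uname is listed in disable_functions, the call warns or fails depending on the PHP version. A non-string result also makes the loose `==` comparison unreliable, whereas the neighbouring `PHP_OS` case uses `===`. Consider `case function_exists('php_uname') && (php_uname('m') & "\xDF\xDF\xDF") === 'ARM':`, so that an unknown machine type keeps the fmod-based return below the switch. Caching the result in a static would also help, since the "a lot faster" comment suggests this path is speed-sensitive. The switch opens above the hunk, so any earlier cases are not visible here.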
@@ -2674,6 +2693,15 @@ class Crypt_Base case (PHP_OS & "\xDF\xDF\xDF") === 'WIN': return '%s'; break; + case (php_uname('m') & "\xDF\xDF\xDF") == 'ARM': + switch (true) { + case version_compare(PHP_VERSION, '5.3.0') < 1: + case PHP_VERSION_ID >= 70000 && PHP_VERSION_ID <= 70123: + case PHP_VERSION_ID >= 70200 && PHP_VERSION_ID <= 70211: + break; + default: + return '%s'; + } default: $safeint = '(is_int($temp = %s) ? $temp : (fmod($temp, 0x80000000) & 0x7FFFFFFF) | '; return $safeint . '((fmod(floor($temp / 0x80000000), 2) & 1) << 31))'; From d22110b057f6afbf27c45d21b9cb547caed075a5 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sat, 23 Jul 2022 09:31:42 -0500 Subject: [PATCH 2/2] Crypt/Base: rm php <= 5.3.0 code --- phpseclib/Crypt/Base.php | 4 ---- 1 file changed, 4 deletions(-) diff --git a/phpseclib/Crypt/Base.php b/phpseclib/Crypt/Base.php index a749b479..ba6a534b 100644 --- a/phpseclib/Crypt/Base.php +++ b/phpseclib/Crypt/Base.php @@ -2800,13 +2800,10 @@ abstract class Base { switch (true) { case is_int($x): - // PHP 5.3, per http://php.net/releases/5_3_0.php, introduced "more consistent float rounding" case (php_uname('m') & "\xDF\xDF\xDF") != 'ARM': return $x; case (php_uname('m') & "\xDF\xDF\xDF") == 'ARM': switch (true) { - // PHP_VERSION_ID wasn't a constant until PHP 5.2.7 - case version_compare(PHP_VERSION, '5.3.0') < 1: /* PHP 7.0.0 introduced a bug that affected 32-bit ARM processors: https://github.com/php/php-src/commit/716da71446ebbd40fa6cf2cea8a4b70f504cc3cd @@ -2842,7 +2839,6 @@ abstract class Base break; case (php_uname('m') & "\xDF\xDF\xDF") == 'ARM': switch (true) { - case version_compare(PHP_VERSION, '5.3.0') < 1: case PHP_VERSION_ID >= 70000 && PHP_VERSION_ID <= 70123: case PHP_VERSION_ID >= 70200 && PHP_VERSION_ID <= 70211: break;
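Review bot: In the `@@ -2674,6 +2693,15 @@` hunk of the first patch, the new `'ARM'` case relies on falling through into `default:` when the inner `switch` hits `break`, and nothing marks that as intentional. A later edit that puts a `break;` after the inner switch, or inserts a case between the two, would stop affected builds from getting the fmod-based expression, with no error to show for it. Add `// affected ARM builds: fall through to the safe expression below` after the inner switch's closing brace. The version ranges are also repeated here without the explanation given in the first hunk, so a pointer such as `// version list must match the ARM switch above` would help keep the two from drifting. The enclosing function starts and ends outside the hunk.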