Pbkdf2Password: Fix error handling on PHP 8

With PHP 8, the hash_pbkdf2 function raises a ValueError when invoked with an unknown algorithm, as opposed to its previous behavior where it would raise an E_WARNING and return a non-string value. This patch updates the Pbkdf2Password class to handle this exception and re-throw it as our PasswordError exception. It also adds a Phan stub for the ValueError exception if it is not defined to avoid superfluous analysis errors. Bug: T248925 Change-Id: I7e0ec4e95598af27fee8282c7e53bca5378e506a
2020-04-07 18:08:23 +02:00 · 2020-04-07 18:08:23 +02:00 · a80631ea0c
commit a80631ea0c
parent 68e0ff3f64
3 changed files with 24 additions and 10 deletions
--- a/.phan/config.php
+++ b/.phan/config.php
@ -26,6 +26,7 @@ $cfg['file_list'] = array_merge(
 	class_exists( PEAR::class ) ? [] : [ '.phan/stubs/mail.php' ],
 	defined( 'PASSWORD_ARGON2ID' ) ? [] : [ '.phan/stubs/password.php' ],
 	class_exists( ExcimerProfiler::class ) ? [] : [ '.phan/stubs/excimer.php' ],
+	class_exists( ValueError::class ) ? [] : [ '.phan/stubs/ValueError.php' ],
 	[
 		// This makes constants and globals known to Phan before processing all other files.
 		// You can check the parser order with --dump-parsed-file-list
--- a/.phan/stubs/ValueError.php
+++ b/.phan/stubs/ValueError.php
@ -0,0 +1,6 @@
+<?php
+
+// Stub for PHP 8's ValueError exception
+
+class ValueError extends Error {
+}
--- a/includes/password/Pbkdf2Password.php
+++ b/includes/password/Pbkdf2Password.php
@ -48,16 +48,23 @@ class Pbkdf2Password extends ParameterizedPassword {
 			$this->args[] = base64_encode( random_bytes( 16 ) );
 		}

-		$hash = hash_pbkdf2(
-			$this->params['algo'],
-			$password,
-			base64_decode( $this->args[0] ),
-			(int)$this->params['rounds'],
-			(int)$this->params['length'],
-			true
-		);
-		if ( !is_string( $hash ) ) {
-			throw new PasswordError( 'Error when hashing password.' );
+		try {
+			$hash = hash_pbkdf2(
+				$this->params['algo'],
+				$password,
+				base64_decode( $this->args[0] ),
+				(int)$this->params['rounds'],
+				(int)$this->params['length'],
+				true
+			);
+
+			// PHP < 8 raises a warning in case of an error, such as unknown algorithm...
+			if ( !is_string( $hash ) ) {
+				throw new PasswordError( 'Error when hashing password.' );
+			}
+		} catch ( ValueError $e ) {
+			// ...while PHP 8 throws ValueError
+			throw new PasswordError( 'Error when hashing password.', 0, $e );
 		}

 		$this->hash = base64_encode( $hash );