password: Use php_random_bytes_throw in php_password_make_salt (#10393)

TimWolla · web-flow · commit c59e0750af9c · 2023-01-23T18:35:16.000+01:00
The CSPRNG failing should be rare nowadays, but it *might* happen and without this patch it's hard for the user to find out why the salt generation failed: The error message is not actionable. This patch will automatically set the CSPRNG exception to the `$previous` exception of the ValueError that is thrown, allowing the developer to determine the cause of the salt generation failure. Before: Fatal error: Uncaught ValueError: Unable to generate salt in php-src/test3.php:3 Stack trace: #0 php-src/test3.php(3): password_hash(Object(SensitiveParameterValue), '2y') #1 {main} thrown in php-src/test3.php on line 3 After: Fatal error: Uncaught Random\RandomException: Cannot open /dev/urandom: No such file or directory in php-src/test3.php:3 Stack trace: #0 php-src/test3.php(3): password_hash(Object(SensitiveParameterValue), '2y') #1 {main} Next ValueError: Unable to generate salt in php-src/test3.php:3 Stack trace: #0 php-src/test3.php(3): password_hash(Object(SensitiveParameterValue), '2y') #1 {main} thrown in php-src/test3.php on line 3
diff --git a/NEWS b/NEWS
@@ -101,6 +101,8 @@ PHP                                                                        NEWS
   . Make array_pad's $length warning less confusing. (nielsdos)
   . E_WARNING emitted by strtok in the caase both arguments are not provided when
     starting tokenisation. (David Carlier)
+  . password_hash() will now chain the original RandomException to the ValueError
+    on salt generation failure. (timwolla)
 
 - Streams:
   . Fixed bug #51056: blocking fread() will block even if data is available.
diff --git a/UPGRADING b/UPGRADING
@@ -69,6 +69,8 @@ PHP 8.3 UPGRADE NOTES
     can have. Before, it was only possible to add at most 1048576 elements at a
     time.
   . strtok() raises a warning in the case token is not provided when starting tokenization.
+  . password_hash() will now chain the underlying Random\RandomException
+    as the ValueError’s $previous Exception when salt generation fails.
 
 ========================================
 6. New Functions
diff --git a/ext/standard/password.c b/ext/standard/password.c
@@ -83,7 +83,7 @@ static zend_string* php_password_make_salt(size_t length) /* {{{ */
 	}
 
 	buffer = zend_string_alloc(length * 3 / 4 + 1, 0);
-	if (FAILURE == php_random_bytes_silent(ZSTR_VAL(buffer), ZSTR_LEN(buffer))) {
+	if (FAILURE == php_random_bytes_throw(ZSTR_VAL(buffer), ZSTR_LEN(buffer))) {
 		zend_value_error("Unable to generate salt");
 		zend_string_release_ex(buffer, 0);
 		return NULL;

Original file line number	Diff line number	Diff line change
`@@ -83,7 +83,7 @@ static zend_string* php_password_make_salt(size_t length) /* {{{ */`
`83`	`83`	`}`
`84`	`84`
`85`	`85`	`buffer = zend_string_alloc(length * 3 / 4 + 1, 0);`
`86`		`- if (FAILURE == php_random_bytes_silent(ZSTR_VAL(buffer), ZSTR_LEN(buffer))) {`
	`86`	`+ if (FAILURE == php_random_bytes_throw(ZSTR_VAL(buffer), ZSTR_LEN(buffer))) {`
`87`	`87`	`zend_value_error("Unable to generate salt");`
`88`	`88`	`zend_string_release_ex(buffer, 0);`
`89`	`89`	`return NULL;`