From: Mark <mrandall@digitellinc.com>
Date: Mon, 26 Aug 2019 22:20:49 +0000 (+0100)
Subject: Warnings become errors for hash_hkdf
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ee104cf1bb9cb7c269459b94248d416e270cbf8e;p=php

Warnings become errors for hash_hkdf
---

diff --git a/ext/hash/hash.c b/ext/hash/hash.c
index a26b9a3767..5ec065573f 100644
--- a/ext/hash/hash.c
+++ b/ext/hash/hash.c
@@ -639,28 +639,28 @@ PHP_FUNCTION(hash_hkdf)
 
 	ops = php_hash_fetch_ops(ZSTR_VAL(algo), ZSTR_LEN(algo));
 	if (!ops) {
-		php_error_docref(NULL, E_WARNING, "Unknown hashing algorithm: %s", ZSTR_VAL(algo));
-		RETURN_FALSE;
+		zend_throw_error(NULL, "Unknown hashing algorithm: %s", ZSTR_VAL(algo));
+		return;
 	}
 
 	if (!ops->is_crypto) {
-		php_error_docref(NULL, E_WARNING, "Non-cryptographic hashing algorithm: %s", ZSTR_VAL(algo));
-		RETURN_FALSE;
+		zend_throw_error(NULL, "Non-cryptographic hashing algorithm: %s", ZSTR_VAL(algo));
+		return;
 	}
 
 	if (ZSTR_LEN(ikm) == 0) {
-		php_error_docref(NULL, E_WARNING, "Input keying material cannot be empty");
-		RETURN_FALSE;
+		zend_throw_error(NULL, "Input keying material cannot be empty");
+		return;
 	}
 
 	if (length < 0) {
-		php_error_docref(NULL, E_WARNING, "Length must be greater than or equal to 0: " ZEND_LONG_FMT, length);
-		RETURN_FALSE;
+		zend_throw_error(NULL, "Length must be greater than or equal to 0: " ZEND_LONG_FMT, length);
+		return;
 	} else if (length == 0) {
 		length = ops->digest_size;
 	} else if (length > (zend_long) (ops->digest_size * 255)) {
-		php_error_docref(NULL, E_WARNING, "Length must be less than or equal to %zd: " ZEND_LONG_FMT, ops->digest_size * 255, length);
-		RETURN_FALSE;
+		zend_throw_error(NULL, "Length must be less than or equal to %zd: " ZEND_LONG_FMT, ops->digest_size * 255, length);
+		return;
 	}
 
 	context = emalloc(ops->context_size);
diff --git a/ext/hash/tests/hash_hkdf_edges.phpt b/ext/hash/tests/hash_hkdf_edges.phpt
index 82acdbab04..debd166cfd 100644
--- a/ext/hash/tests/hash_hkdf_edges.phpt
+++ b/ext/hash/tests/hash_hkdf_edges.phpt
@@ -16,7 +16,13 @@ echo 'Length < digestSize: ', bin2hex(hash_hkdf('md5', $ikm, 7)), "\n";
 echo 'Length % digestSize != 0: ', bin2hex(hash_hkdf('md5', $ikm, 17)), "\n";
 echo 'Algo name case-sensitivity: ', (bin2hex(hash_hkdf('Md5', $ikm, 7)) === '98b16391063ece' ? 'true' : 'false'), "\n";
 echo "Non-crypto algo name case-sensitivity:\n";
-var_dump(hash_hkdf('jOaAt', $ikm));
+
+try { 
+    var_dump(hash_hkdf('jOaAt', $ikm));
+}
+catch (\Error $e) {
+    echo '[Error] ' . $e->getMessage() . "\n";
+}
 
 ?>
 --EXPECTF--
@@ -25,6 +31,4 @@ Length < digestSize: 98b16391063ece
 Length % digestSize != 0: 98b16391063ecee006a3ca8ee5776b1e5f
 Algo name case-sensitivity: true
 Non-crypto algo name case-sensitivity:
-
-Warning: hash_hkdf(): Non-cryptographic hashing algorithm: jOaAt in %s on line %d
-bool(false)
+[Error] Non-cryptographic hashing algorithm: jOaAt
diff --git a/ext/hash/tests/hash_hkdf_error.phpt b/ext/hash/tests/hash_hkdf_error.phpt
index e5903f126a..335988b965 100644
--- a/ext/hash/tests/hash_hkdf_error.phpt
+++ b/ext/hash/tests/hash_hkdf_error.phpt
@@ -3,76 +3,71 @@ Hash: hash_hkdf() function: error conditions
 --FILE--
 <?php
 
+error_reporting(E_ALL);
+
 /* Prototype  : string hkdf  ( string $algo  , string $ikm  [, int $length  , string $info = '' , string $salt = ''  ] )
  * Description: HMAC-based Key Derivation Function
  * Source code: ext/hash/hash.c
 */
 
+function trycatch_dump(...$tests) {
+    foreach ($tests as $test) {
+        try {
+            var_dump($test());
+        }
+        catch (\Error $e) {
+            echo '[' . get_class($e) . '] ' . $e->getMessage() . "\n";
+        }
+    }
+}
+
 $ikm = 'input key material';
 
 echo "*** Testing hash_hkdf(): error conditions ***\n";
 
 echo "\n-- Testing hash_hkdf() function with invalid hash algorithm --\n";
-var_dump(hash_hkdf('foo', $ikm));
+trycatch_dump(
+    fn() => hash_hkdf('foo', $ikm)
+);
 
 echo "\n-- Testing hash_hkdf() function with non-cryptographic hash algorithm --\n";
-var_dump(hash_hkdf('adler32', $ikm));
-var_dump(hash_hkdf('crc32', $ikm));
-var_dump(hash_hkdf('crc32b', $ikm));
-var_dump(hash_hkdf('fnv132', $ikm));
-var_dump(hash_hkdf('fnv1a32', $ikm));
-var_dump(hash_hkdf('fnv164', $ikm));
-var_dump(hash_hkdf('fnv1a64', $ikm));
-var_dump(hash_hkdf('joaat', $ikm));
+trycatch_dump(
+    fn() => hash_hkdf('adler32', $ikm),
+    fn() => hash_hkdf('crc32', $ikm),
+    fn() => hash_hkdf('crc32b', $ikm),
+    fn() => hash_hkdf('fnv132', $ikm),
+    fn() => hash_hkdf('fnv1a32', $ikm),
+    fn() => hash_hkdf('fnv164', $ikm),
+    fn() => hash_hkdf('fnv1a64', $ikm),
+    fn() => hash_hkdf('joaat', $ikm)
+);
 
 echo "\n-- Testing hash_hkdf() function with invalid parameters --\n";
-var_dump(hash_hkdf('sha1', ''));
-var_dump(hash_hkdf('sha1', $ikm, -1));
-var_dump(hash_hkdf('sha1', $ikm, 20 * 255 + 1)); // Length can't be more than 255 times the hash digest size
+trycatch_dump(
+    fn() => hash_hkdf('sha1', ''),
+    fn() => hash_hkdf('sha1', $ikm, -1),
+    fn() => hash_hkdf('sha1', $ikm, 20 * 255 + 1) // Length can't be more than 255 times the hash digest size
+)
 ?>
 ===Done===
---EXPECTF--
+--EXPECT--
 *** Testing hash_hkdf(): error conditions ***
 
 -- Testing hash_hkdf() function with invalid hash algorithm --
-
-Warning: hash_hkdf(): Unknown hashing algorithm: foo in %s on line %d
-bool(false)
+[Error] Unknown hashing algorithm: foo
 
 -- Testing hash_hkdf() function with non-cryptographic hash algorithm --
-
-Warning: hash_hkdf(): Non-cryptographic hashing algorithm: adler32 in %s on line %d
-bool(false)
-
-Warning: hash_hkdf(): Non-cryptographic hashing algorithm: crc32 in %s on line %d
-bool(false)
-
-Warning: hash_hkdf(): Non-cryptographic hashing algorithm: crc32b in %s on line %d
-bool(false)
-
-Warning: hash_hkdf(): Non-cryptographic hashing algorithm: fnv132 in %s on line %d
-bool(false)
-
-Warning: hash_hkdf(): Non-cryptographic hashing algorithm: fnv1a32 in %s on line %d
-bool(false)
-
-Warning: hash_hkdf(): Non-cryptographic hashing algorithm: fnv164 in %s on line %d
-bool(false)
-
-Warning: hash_hkdf(): Non-cryptographic hashing algorithm: fnv1a64 in %s on line %d
-bool(false)
-
-Warning: hash_hkdf(): Non-cryptographic hashing algorithm: joaat in %s on line %d
-bool(false)
+[Error] Non-cryptographic hashing algorithm: adler32
+[Error] Non-cryptographic hashing algorithm: crc32
+[Error] Non-cryptographic hashing algorithm: crc32b
+[Error] Non-cryptographic hashing algorithm: fnv132
+[Error] Non-cryptographic hashing algorithm: fnv1a32
+[Error] Non-cryptographic hashing algorithm: fnv164
+[Error] Non-cryptographic hashing algorithm: fnv1a64
+[Error] Non-cryptographic hashing algorithm: joaat
 
 -- Testing hash_hkdf() function with invalid parameters --
-
-Warning: hash_hkdf(): Input keying material cannot be empty in %s on line %d
-bool(false)
-
-Warning: hash_hkdf(): Length must be greater than or equal to 0: -1 in %s on line %d
-bool(false)
-
-Warning: hash_hkdf(): Length must be less than or equal to 5100: 5101 in %s on line %d
-bool(false)
+[Error] Input keying material cannot be empty
+[Error] Length must be greater than or equal to 0: -1
+[Error] Length must be less than or equal to 5100: 5101
 ===Done===