diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update StringUtils.php

Browse Source
This commit is contained in:
Scott Arciszewski 2015-03-19 14:44:31 -04:00 committed by Fabien Potencier
parent 36948bb382
commit 56ed71c7d2
1 changed files with 16 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
src/Symfony/Component/Security/Core/Util/StringUtils.php
View File

@ -45,8 +45,8 @@ class StringUtils
return hash_equals($knownString, $userInput); return hash_equals($knownString, $userInput);
} }
$knownLen = strlen($knownString); $knownLen = self::safeStrlen($knownString);
$userLen = strlen($userInput); $userLen = self::safeStrlen($userInput);
// Extend the known string to avoid uninitialized string offsets // Extend the known string to avoid uninitialized string offsets
$knownString .= $userInput; $knownString .= $userInput;
@ -63,4 +63,18 @@ class StringUtils
// They are only identical strings if $result is exactly 0... // They are only identical strings if $result is exactly 0...
return 0 === $result; return 0 === $result;
} }
/**
* Return the number of bytes in a string
*
* @param string $string The string whose length we wish to obtain
* @return int
*/
public static function safeStrlen($string)
{
if (function_exists('mb_strlen')) {
return mb_strlen($string, '8bit');
}
return strlen($string);
}
} }