ZF-12381: Zend_Validate_File_Hash fails if the expected hash value contains only numbers

Description

In the very unlikely case that the hash of a file contains only digits (e.g. "32608459") the isValid() method of Zend_Validate_File_Hash returns false. I found that the origin of the problem is at line 137 of the Hash.php


$this->_hash[$value] = $algorithm;

At this place $value is of type String. After the loop the key in $this->_hash for this entry becomes an integer value. Thus, the validation statement in line 169


if ($filehash === $hash) {

fails because of the typesafe comparison ("32608459" === 32608459 is FALSE).

Comments

No comments to display