ZF-12381: Zend_Validate_File_Hash fails if the expected hash value contains only numbers

Issue Type: Bug Created: 2012-08-21T09:50:05.000+0000 Last Updated: 2012-08-21T09:50:05.000+0000 Status: Open Fix version(s): Reporter: Alfred Brose (alfred.brose) Assignee: Thomas Weidner (thomas) Tags: - Zend_Validate_File

Related issues: Attachments:


In the very unlikely case that the hash of a file contains only digits (e.g. "32608459") the isValid() method of Zend_Validate_File_Hash returns false. I found that the origin of the problem is at line 137 of the Hash.php

<pre class="highlight">
$this->_hash[$value] = $algorithm;

At this place $value is of type String. After the loop the key in $this->_hash for this entry becomes an integer value. Thus, the validation statement in line 169

<pre class="highlight">
if ($filehash === $hash) {

fails because of the typesafe comparison ("32608459" === 32608459 is FALSE).


No comments to display

Have you found an issue?

See the Overview section for more details.


© 2006-2018 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.