Welcome Guest, Not a member yet? Register   Sign In
Infinite loop using CAPTCHA captcha helper.php. CodeIgniter 3.03
#1

In the following code when entering the break option. An infinite loop is given and not continuing the application (File ..system/core/helpers/captcha_helper.php) version 3.03:

$byte_index = $word_index = 0;
while ($word_index < $word_length)
{
//echo "wi = " . $word_index . "wl = " . $word_length . " \n";
if (($rand_index = unpack('C', $bytes[$byte_index++])) > $rand_max)
{
// Was this the last byte we have?
// If so, try to fetch more.
if ($byte_index === $pool_length)
{
// No failures should be possible if
// the first get_random_bytes() call
// didn't return FALSE, but still ...
for ($i = 0; $i < 5; $i++)
{
if (($bytes = $security->get_random_bytes($pool_length)) === FALSE)
{
continue;
}

$byte_index = 0;
break;
}

if ($bytes === FALSE)
{
// Sadly, this means fallback to mt_rand()
$word = '';
break;
}
}

continue;
}

$word .= $pool[$rand_index];
$word_index++;
}
Reply
#2

What do you mean by entering the break condition? There are two breaks, and what a break does is to ... break the loop; it can't cause an infinite one.
Reply
#3

breaks = bad practice IMO, very few or rare cases where it should be needed. Consider looking at your code again.
Practical guide to IgnitedCMS - Book coming soon, www.ignitedcms.com
Reply
#4

(11-06-2015, 03:18 PM)iamthwee Wrote: breaks = bad practice IMO, very few or rare cases where it should be needed. Consider looking at your code again.

I wrote that code.
Reply
#5

I am not sure why using a break in short tidy loops is bad practice. Sure, in massive long stretches of code it can be a pain but for short constructs like the above it is not a problem at all. (IMHO)
Reply
#6

I also found an infinite loop using CAPTCHA on CI 3.03.

But only happens when the word ('word'=> '') is not provided.

If I provide the word CAPTCHA library works fine. With out it the infinite loop comes back again.

So I end up doing this to solve the problem: word=>random_string('alnum', 8);
Reply
#7

https://github.com/bcit-ci/CodeIgniter/c...9504e89f75

error_reporting = On was all that was needed to find the issue ...
Reply
#8

Hello!
These changes do not solve the problem.
If I update the captcha several times, sometimes I get a Message:

Severity: Warning
Message: unpack(): Type C: not enough input, need 1, have 0
Filename: helpers/captcha_helper.php
Line Number: 174
Reply




Theme © iAndrew 2016 - Forum software by © MyBB