bug #51511 [PasswordHasher] Avoid passing null to hash_pbkdf2() (sdespont)

derrabus · derrabus · commit fcb754a1c08e · 2023-08-29T08:49:16.000+02:00
This PR was submitted for the 6.4 branch but it was merged into the 5.4 branch instead. Discussion ---------- [PasswordHasher] Avoid passing `null` to `hash_pbkdf2()` | Q | A | ------------- | --- | Branch? | 5.4 | Bug fix? | no | New feature? | no | Deprecations? | no | Tickets | N/A | License | MIT | Doc PR | N/A Because https://www.php.net/manual/en/function.hash-pbkdf2.php is expecting `string` and not `?string`. Pertmits avoiding deprecation warning. Commits ------- aaf507a Update Pbkdf2PasswordHasher.php
diff --git a/src/Symfony/Component/PasswordHasher/Hasher/Pbkdf2PasswordHasher.php b/src/Symfony/Component/PasswordHasher/Hasher/Pbkdf2PasswordHasher.php
@@ -69,7 +69,7 @@ public function hash(string $plainPassword, string $salt = null): string
             throw new LogicException(sprintf('The algorithm "%s" is not supported.', $this->algorithm));
         }
 
-        $digest = hash_pbkdf2($this->algorithm, $plainPassword, $salt, $this->iterations, $this->length, true);
+        $digest = hash_pbkdf2($this->algorithm, $plainPassword, $salt ?? '', $this->iterations, $this->length, true);
 
         return $this->encodeHashAsBase64 ? base64_encode($digest) : bin2hex($digest);
     }

Original file line number	Diff line number	Diff line change
`@@ -69,7 +69,7 @@ public function hash(string $plainPassword, string $salt = null): string`
`69`	`69`	`throw new LogicException(sprintf('The algorithm "%s" is not supported.', $this->algorithm));`
`70`	`70`	`}`
`71`	`71`
`72`		`- $digest = hash_pbkdf2($this->algorithm, $plainPassword, $salt, $this->iterations, $this->length, true);`
	`72`	`+ $digest = hash_pbkdf2($this->algorithm, $plainPassword, $salt ?? '', $this->iterations, $this->length, true);`
`73`	`73`
`74`	`74`	`return $this->encodeHashAsBase64 ? base64_encode($digest) : bin2hex($digest);`
`75`	`75`	`}`