hash_equals fails when no stored hash is available

Created on 28 September 2023, 9 months ago

Problem/Motivation

In \Drupal\user_hash\Services::validateHash we call hash_equals with one value being the stored hash for the given user. That value could be NULL, then this function fails.

Proposed resolution

Assert the stored value first.

🐛 Bug report

Status

Fixed

Version

2.0

Component

Code

Created by

🇩🇪Germany jurgenhaas Gottmadingen

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @jurgenhaas

Comment 9 months ago →

System Message

jurgenhaas → committed 4bbab919 on 2.0.x

Issue #3390460 by jurgenhaas: hash_equals fails when no stored hash is...

Status changed to Fixed 9 months ago2:51pm 28 September 2023
Comment 9 months ago →
🇩🇪Germany jurgenhaas Gottmadingen
Comment 9 months ago →
System Message
Automatically closed - issue fixed for 2 weeks with no activity.

contrib.social Blog FAQ Discussions

Production build 0.69.0 2024