View Issue Details

IDProjectCategoryView StatusLast Update
0033631mantisbtcode cleanuppublic2024-02-20 16:58
Reporterdregad Assigned Todregad  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Target Version2.26.1Fixed in Version2.26.1 
Summary0033631: Uncaught exception in installer
Description

When attempting to generate the Crypto Master Salt, if there is no available randomness source, random_bytes() throws an exception which is not caught, disrupting the installation procedure.

TagsNo tags attached.

Activities

There are no notes attached to this issue.

Related Changesets

MantisBT: master 1791605e

2024-02-11 06:03

dregad


Details Diff
Installer: catch RandomException

When the installer attempts to generate the Crypto Master Salt, if there
is no available randomness source, random_bytes() throws an exception
which was not caught, disrupting the installation procedure.

Refactoring the code to catch the exception, and display a meaningful
warning message to the admin, and add a comment in the generated config
file.

Note: it's a RandomException on PHP 8.2+, and plain Exception in older
PHP versions, so we catch the latter for now to ensure compatibility.

Fixes 33631
Affected Issues
0033631
mod - admin/install.php Diff File