diff options
| author | Scott Arciszewski <scott@arciszewski.me> | 2015-03-19 14:44:31 -0400 |
|---|---|---|
| committer | Fabien Potencier <fabien.potencier@gmail.com> | 2015-03-25 10:28:00 +0100 |
| commit | 6a162c7ca4e72005d87d458af01082944d94552a (patch) | |
| tree | 79972058db14fab9da91bddf957e722b0f95b2a9 | |
| parent | 551d5b01ee118c2d6e54cf8abb25a28c20568640 (diff) | |
| download | symfony-security-6a162c7ca4e72005d87d458af01082944d94552a.zip symfony-security-6a162c7ca4e72005d87d458af01082944d94552a.tar.gz symfony-security-6a162c7ca4e72005d87d458af01082944d94552a.tar.bz2 | |
Update StringUtils.php
| -rw-r--r-- | Core/Util/StringUtils.php | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/Core/Util/StringUtils.php b/Core/Util/StringUtils.php index e8f3e3b..8cbd191 100644 --- a/Core/Util/StringUtils.php +++ b/Core/Util/StringUtils.php @@ -45,8 +45,8 @@ class StringUtils return hash_equals($knownString, $userInput); } - $knownLen = strlen($knownString); - $userLen = strlen($userInput); + $knownLen = self::safeStrlen($knownString); + $userLen = self::safeStrlen($userInput); // Extend the known string to avoid uninitialized string offsets $knownString .= $userInput; @@ -63,4 +63,18 @@ class StringUtils // They are only identical strings if $result is exactly 0... return 0 === $result; } + + /** + * Return the number of bytes in a string + * + * @param string $string The string whose length we wish to obtain + * @return int + */ + public static function safeStrlen($string) + { + if (function_exists('mb_strlen')) { + return mb_strlen($string, '8bit'); + } + return strlen($string); + } } |