WordPress › wp_rand() for Entropy PHP

wp_rand() for Entropy PHP

The Entropy builds of PHP can truncate ints instead of overflowing as floats. That misbehavior breaks wp_rand(), wp_generate_password(), and Jetpack.

Download Version 0.1

On some 32bit hosts, the Entropy builds of PHP truncate integers larger than PHP_INT_MAX to PHP_INT_MAX rather than overflowing them as floats.

This can cause wp_rand() to return a value outside the requested range. That unexpected value in turn breaks wp_generate_password(), which can have security ramifications.

Of particular note to this plugin's authors, the bug prevents Jetpack from functioning.

This plugin works around the bug by redefining the pluggable wp_rand() function. In the redefinition, large integers are expressed as strings and cast to floats, rather than as ints.

Tags: entropy, jetpack, wp_generate_password, wp_rand

Requires: 3.0 or higher
Compatible up to: 3.3.2
Last Updated: 2011-12-15
Downloads: 103

Average Rating

5 stars

(1 ratings)

Authors

mdawaffe

20 plugins

automattic

57 plugins

Support

Got something to say? Need help?

View support forum

Compatibility

	WordPress
+	Plugin
=	Works! Broken :( Not enough data

0 people say it works.
0 people say it's broken.

100,1,1

WordPress.org

Plugin Directory

Search Plugins

Popular TagsMore »

wp_rand() for Entropy PHP

Average Rating

Authors

Support

Compatibility

Code is Poetry