Uploaded image for project: 'phpBB3'
  1. phpBB3
  2. PHPBB3-10042

GD captcha has invalid mt_rand calls

    Details

    • Type: Bug
    • Status: Unverified Fix
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 3.0.8
    • Fix Version/s: 3.0.9-RC1
    • Component/s: Sessions
    • Labels:
      None
    • Environment:
      php 5.3.5

      Description

      Like the 3D wave captcha, the GD captcha seems to have the same issues with mt_rand, from my error log:

      Anonymous 222.166.181.207 Sun Feb 13, 2011 10:56 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-5) is smaller than min(0)
      Anonymous 222.166.181.207 Sun Feb 13, 2011 10:56 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-7) is smaller than min(0)
      Anonymous 222.166.181.207 Sun Feb 13, 2011 10:56 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-8) is smaller than min(0)
      Anonymous 222.166.181.207 Sun Feb 13, 2011 10:56 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-11) is smaller than min(0)
      Anonymous 222.166.181.207 Sun Feb 13, 2011 10:56 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-17) is smaller than min(0)
      Anonymous 222.166.181.207 Sun Feb 13, 2011 10:56 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-27) is smaller than min(0)
      Anonymous 222.166.181.207 Sun Feb 13, 2011 10:56 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-5) is smaller than min(0)
      Anonymous 222.166.181.11 Sun Feb 13, 2011 10:55 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-7) is smaller than min(0)
      Anonymous 222.166.181.11 Sun Feb 13, 2011 10:55 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-9) is smaller than min(0)
      Anonymous 222.166.181.11 Sun Feb 13, 2011 10:55 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-10) is smaller than min(0)
      Anonymous 222.166.181.11 Sun Feb 13, 2011 10:55 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-13) is smaller than min(0)
      Anonymous 222.166.181.11 Sun Feb 13, 2011 10:55 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-18) is smaller than min(0)
      Anonymous 222.166.181.11 Sun Feb 13, 2011 10:55 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-27) is smaller than min(0)
      Anonymous 222.166.181.11 Sun Feb 13, 2011 10:55 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-41) is smaller than min(0)
      Anonymous 222.166.181.41 Sun Feb 13, 2011 10:54 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-4) is smaller than min(0)
      Anonymous 222.166.181.41 Sun Feb 13, 2011 10:54 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-5) is smaller than min(0)
      Anonymous 222.166.181.41 Sun Feb 13, 2011 10:54 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-6) is smaller than min(0)
      Anonymous 222.166.181.41 Sun Feb 13, 2011 10:54 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-8) is smaller than min(0)
      Anonymous 222.166.181.41 Sun Feb 13, 2011 10:54 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-10) is smaller than min(0)
      Anonymous 222.166.181.41 Sun Feb 13, 2011 10:54 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-16) is smaller than min(0)
      Anonymous 222.166.181.41 Sun Feb 13, 2011 10:54 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-24) is smaller than min(0)
      Anonymous 222.166.181.23 Sun Feb 13, 2011 10:53 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-1) is smaller than min(0)
      Anonymous 222.166.181.23 Sun Feb 13, 2011 10:53 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-1) is smaller than min(0)
      Anonymous 91.212.226.207 Sun Feb 13, 2011 7:45 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-4) is smaller than min(0)
      Anonymous 91.212.226.207 Sun Feb 13, 2011 7:45 am Error while creating image
      » Error in /includes/captcha/captcha_gd.php on line 80: mt_rand(): max(-5) is smaller than min(0)

      It seems that it doesnt happen every captcha call, as when I try to see the image, the image is still displayed.

        Issue Links

          Activity

          Hide
          bantu Andreas Fischer added a comment -

          No difference with and without the patch for me. Maybe try a shorter string, the captcha wasn't really made for strings longer than 8 characters. I only told you how to reproduce the error message from the reporter.

          Show
          bantu Andreas Fischer added a comment - No difference with and without the patch for me. Maybe try a shorter string, the captcha wasn't really made for strings longer than 8 characters. I only told you how to reproduce the error message from the reporter.
          Hide
          AmigoJack AmigoJack added a comment -

          Encountered this error today for the first time and was not able to reproduce it.

          My log has the following trace if it helps: you have to read it from bottom to top (like from PHP's debug_backtrace but more compacted) and line numbers might not match with a vanilla 3.0.8 installation, since it's modified. Also note that on the board registrations are disabled and CAPTHAs aren't used either - someone must have tried some generic phpBB access...

          2011-03-31 23:00:02 +0200
           Source: #2 in "/srv/public/clients/void.void/includes/captcha/captcha_gd.php" line 80
           Text:   mt_rand(): max(-2) is smaller than min(0)
           URI:    /ucp.php?mode=confirm&confirm_id=28dc2be1bdbdef06ceebed4457084802&type=2
           User:   1 = Anonymous
           Trace:
          1: 
          	function: msg_handler(
          		0: (integer) 2
          		1: (string) mt_rand(): max(-2) is smaller than min(0)
          		2: (string) /srv/public/clients/void.void/includes/captcha/captcha_gd.php
          		3: (integer) 80
          		4: A(20)
          2: 
          	file: /includes/captcha/captcha_gd.php :80
          	function: mt_rand(
          		0: (integer) 0
          		1: (integer) -2
          3: 
          	file: /includes/captcha/plugins/captcha_abstract.php :85
          	function: execute@captcha.O(2)->(
          		0: (string) 6VM6ACJ
          		1: (string) 490480830
          4: 
          	file: /includes/ucp/ucp_confirm.php :43
          	function: execute@phpbb_default_captcha.O(8)->(
          5: 
          	file: /includes/functions_module.php :507
          	function: main@ucp_confirm.O(2)->(
          		0: (string) confirm
          		1: (NULL) 
          6: 
          	file: /includes/functions_module.php :802
          	function: load_active@p_master.O(11)->(
          		0: (boolean) 
          7: 
          	file: /ucp.php :72
          	function: load@p_master.O(11)->(
          		0: (string) ucp
          		1: (string) confirm

          Show
          AmigoJack AmigoJack added a comment - Encountered this error today for the first time and was not able to reproduce it. My log has the following trace if it helps: you have to read it from bottom to top (like from PHP's debug_backtrace but more compacted) and line numbers might not match with a vanilla 3.0.8 installation, since it's modified. Also note that on the board registrations are disabled and CAPTHAs aren't used either - someone must have tried some generic phpBB access... 2011-03-31 23:00:02 +0200 Source: #2 in "/srv/public/clients/void.void/includes/captcha/captcha_gd.php" line 80 Text: mt_rand(): max(-2) is smaller than min(0) URI: /ucp.php?mode=confirm&confirm_id=28dc2be1bdbdef06ceebed4457084802&type=2 User: 1 = Anonymous Trace: 1: function: msg_handler( 0: (integer) 2 1: (string) mt_rand(): max(-2) is smaller than min(0) 2: (string) /srv/public/clients/void.void/includes/captcha/captcha_gd.php 3: (integer) 80 4: A(20) 2: file: /includes/captcha/captcha_gd.php :80 function: mt_rand( 0: (integer) 0 1: (integer) -2 3: file: /includes/captcha/plugins/captcha_abstract.php :85 function: execute@captcha.O(2)->( 0: (string) 6VM6ACJ 1: (string) 490480830 4: file: /includes/ucp/ucp_confirm.php :43 function: execute@phpbb_default_captcha.O(8)->( 5: file: /includes/functions_module.php :507 function: main@ucp_confirm.O(2)->( 0: (string) confirm 1: (NULL) 6: file: /includes/functions_module.php :802 function: load_active@p_master.O(11)->( 0: (boolean) 7: file: /ucp.php :72 function: load@p_master.O(11)->( 0: (string) ucp 1: (string) confirm
          Hide
          Oleg Oleg [X] (Inactive) added a comment -

          I think the ideal fix here would be to make letters more evenly distributed across the captcha, when there is not enough space to "freely" lay them out.

          Show
          Oleg Oleg [X] (Inactive) added a comment - I think the ideal fix here would be to make letters more evenly distributed across the captcha, when there is not enough space to "freely" lay them out.
          Hide
          bantu Andreas Fischer added a comment -

          Yeah, if you want to look into doing this, feel free to do so.

          Show
          bantu Andreas Fischer added a comment - Yeah, if you want to look into doing this, feel free to do so.
          Hide
          bantu Andreas Fischer added a comment -

          Merge https://github.com/phpbb/phpbb3/pull/103 iff there is no proper fix available before release. Blocks 3.0.9-RC1.

          Show
          bantu Andreas Fischer added a comment - Merge https://github.com/phpbb/phpbb3/pull/103 iff there is no proper fix available before release. Blocks 3.0.9-RC1.

            People

            • Assignee:
              bantu Andreas Fischer
              Reporter:
              Paul Paul Sohier
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development