Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:87657 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 24501 invoked from network); 5 Aug 2015 23:55:18 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 5 Aug 2015 23:55:18 -0000 Authentication-Results: pb1.pair.com header.from=scott@paragonie.com; sender-id=unknown Authentication-Results: pb1.pair.com smtp.mail=scott@paragonie.com; spf=permerror; sender-id=unknown Received-SPF: error (pb1.pair.com: domain paragonie.com from 209.85.192.54 cause and error) X-PHP-List-Original-Sender: scott@paragonie.com X-Host-Fingerprint: 209.85.192.54 mail-qg0-f54.google.com Received: from [209.85.192.54] ([209.85.192.54:35890] helo=mail-qg0-f54.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id B1/20-22467-562A2C55 for ; Wed, 05 Aug 2015 19:55:17 -0400 Received: by qgeh16 with SMTP id h16so42120953qge.3 for ; Wed, 05 Aug 2015 16:55:14 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:date:message-id:subject:from:to :content-type; bh=BMng0G4lBPWm3amIuWiRAy/pdZj1mHR/8S99XGgHLBo=; b=HbePX2ZJdXE6YKV1CpIgGVErFdcvuwOkorJCVfJIOtWRQy6xeze0mgJt3YSHFw+8mX iNlpg+HvCZzcMoPkH7lVsqrBR4sXKcBP1S5gxwoqXWxomwu5aE1Qj3tWDC7jzhuvae1g kt+wpFeLGeR/jZxeotlP4r5BGh9M6AOkbebl/OcdgiJxCcOKZ5uD9dImr3FWVW5d7/Uw UV27BgUaxdX8VLz6FNPszoRrYynwVV27IfnheJRFWDEZa+Pj9p2pqTRNSc1P4K/9MF+/ WJLhakLctc7kEp1KYpdIgd1hwFVDuNk56zJvpw9Fxpye/C3Icq3g5jTCJDwiYpHEXBTC EayA== X-Gm-Message-State: ALoCoQltI7iMV4fVxRFG1N9wU+C09j6qx64/Z1/f/mZldsWi6br4jBYIkMFKJlW/Ert11jpQ4qnJ MIME-Version: 1.0 X-Received: by 10.140.134.21 with SMTP id 21mr23441323qhg.4.1438818914370; Wed, 05 Aug 2015 16:55:14 -0700 (PDT) Received: by 10.96.83.102 with HTTP; Wed, 5 Aug 2015 16:55:14 -0700 (PDT) Date: Wed, 5 Aug 2015 19:55:14 -0400 Message-ID: To: PHP Internals Content-Type: text/plain; charset=UTF-8 Subject: Recap - Core functions throwing exceptions in PHP7 From: scott@paragonie.com (Scott Arciszewski) All, I'd like to move the conversation towards a decision regarding PRs 1397 and 1398. These decisions are blocking random_compat as well as a security enhancement to random_bytes (merge conflicts are *the worst*). Here's a quick recap Arguments: 1. Consistency is more important than security. > random_* should be consistent with the rest of PHP (sans intdiv()). > They should return false and emit an E_WARNING > or E_ERROR warning (the latter is if we want it to fail closed). > > It's the responsibility of the developer to know this can > happen and explicitly check for it. Don't throw anything. 2. Security is more important than consistency. > Placing more responsibility on the developer increases the > likelihood of an implementation error. We should aim for compatible > usability with rand() and mt_rand() for random_int(), which never return > false. For random_int() and random_bytes(), should PHP be unable > to generate a random value (no random device available, file > descriptor exhaustion, etc.) an exception should be thrown. If the > developer wants to handle it gracefully, they can place it in try/catch > blocks (which raising errors make messy). Otherwise, the default > state is to fail closed (i.e. terminate script execution). Open Questions: 1. Under what conditions should an Exception be thrown, and which should throw an Error instead? Did I miss any? I'm in favor of throwing *something*. As for the particulars of what should be an Exception and what should be an Error, I don't have a horse in this race. Exceptions already existed and Errors were already accepted in the Throwable RFC, so I don't believe this warrants another RFC and putting this decision off until 7.1. Scott Arciszewski Chief Development Officer Paragon Initiative Enterprises