From 7b273d6a5cc1f6f1db1138a11757ff5d3deb9e7d Mon Sep 17 00:00:00 2001 From: Dion Hulse Date: Mon, 14 Dec 2015 07:45:13 +0000 Subject: [PATCH] Update random_compat to latest master (~1.1.5) Changes: * Checks `disable_classes` for `COM()` before using to avoid PHP Warnings * Uses `stream_set_chunk_size()` to avoid reading 8KiB from `/dev/urandom` unintentionally. See #34948 git-svn-id: https://develop.svn.wordpress.org/trunk@35922 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-includes/random_compat/random.php | 22 ++++++++++------
 .../random_bytes_dev_urandom.php | 25 +++++++++++--------
 2 files changed, 30 insertions(+), 17 deletions(-)
diff --git a/src/wp-includes/random_compat/random.php b/src/wp-includes/random_compat/random.php
index d1f7555afa..8898a35bcd 100644
--- a/src/wp-includes/random_compat/random.php
+++ b/src/wp-includes/random_compat/random.php
@@ -90,15 +90,23 @@ if (PHP_VERSION_ID < 70000) {
 extension_loaded('com_dotnet') &&
 class_exists('COM')
 ) {
- try {
- $RandomCompatCOMtest = new COM('CAPICOM.Utilities.1');
- if (method_exists($RandomCompatCOMtest, 'GetRandom')) {
- // See random_bytes_com_dotnet.php
- require_once $RandomCompatDIR.'/random_bytes_com_dotnet.php';
+ $RandomCompat_disabled_classes = preg_split(
+ '#\s*,\s*#',
+ strtolower(ini_get('disable_classes'))
+ );
+
+ if (!in_array('com', $RandomCompat_disabled_classes)) {
+ try {
+ $RandomCompatCOMtest = new COM('CAPICOM.Utilities.1');
+ if (method_exists($RandomCompatCOMtest, 'GetRandom')) {
+ // See random_bytes_com_dotnet.php
+ require_once $RandomCompatDIR.'/random_bytes_com_dotnet.php';
+ }
+ } catch (com_exception $e) {
+ // Don't try to use it.
 }
- } catch (com_exception $e) {
- // Don't try to use it.
 }
+ $RandomCompat_disabled_classes = null;
 $RandomCompatCOMtest = null;
 }
 if (
diff --git a/src/wp-includes/random_compat/random_bytes_dev_urandom.php b/src/wp-includes/random_compat/random_bytes_dev_urandom.php
index aebcafcf7d..5d07104b3f 100644
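Review bot: The `in_array('com', $RandomCompat_disabled_classes)` test is a loose comparison against entries that are split on commas but never trimmed at the two ends of the string, so a `disable_classes` value with whitespace before the first or after the last class name would, it appears, slip past the check and still reach `new COM(...)`. Consider `if (!in_array('com', array_map('trim', $RandomCompat_disabled_classes), true)) {`. A short comment above the `preg_split()` call would help too, e.g. `// A disabled COM class triggers a PHP warning on instantiation, so consult disable_classes first` (the reason is taken from the commit message). The enclosing `if (PHP_VERSION_ID < 70000)` block starts and ends outside the hunk.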
--- a/src/wp-includes/random_compat/random_bytes_dev_urandom.php
+++ b/src/wp-includes/random_compat/random_bytes_dev_urandom.php
@@ -62,16 +62,21 @@ function random_bytes($bytes)
 $fp = false;
 }
 }
- /**
- * stream_set_read_buffer() does not exist in HHVM
- *
- * If we don't set the stream's read buffer to 0, PHP will
- * internally buffer 8192 bytes, which can waste entropy
- *
- * stream_set_read_buffer returns 0 on success
- */
- if (!empty($fp) && function_exists('stream_set_read_buffer')) {
- stream_set_read_buffer($fp, RANDOM_COMPAT_READ_BUFFER);
+ if (!empty($fp)) {
+ /**
+ * stream_set_read_buffer() does not exist in HHVM
+ *
+ * If we don't set the stream's read buffer to 0, PHP will
+ * internally buffer 8192 bytes, which can waste entropy
+ *
+ * stream_set_read_buffer returns 0 on success
+ */
+ if (function_exists('stream_set_read_buffer')) {
+ stream_set_read_buffer($fp, RANDOM_COMPAT_READ_BUFFER);
+ }
+ if (function_exists('stream_set_chunk_size')) {
+ stream_set_chunk_size($fp, RANDOM_COMPAT_READ_BUFFER);
+ }
 }
 }
 try {
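Review bot: The added `stream_set_chunk_size($fp, RANDOM_COMPAT_READ_BUFFER)` call reuses the read-buffer constant, whose value is defined outside this hunk. The docblock above it speaks of setting the read buffer to 0, but stream_set_chunk_size() accepts only a positive size and otherwise fails, leaving the default chunk size in place. Confirm the constant is at least 1 and document the new call, e.g. `// Chunk size caps how much PHP pulls from /dev/urandom per read; must be >= 1`. Both return values are discarded, so a failed call would silently fall back to the 8 KiB read the commit message sets out to avoid. random_bytes() starts and ends outside the hunk.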