BCrypt::Engine.hash_secret method is generating unexpected long hash string on Fedora 28 #165

@yalcin

I tried to generate a new password with Password.create('test'), but it throws a BCrypt::Errors::InvalidHash (invalid hash) error. Then I tried to generate a hash with BCrypt::Engine.hash_secret('secret', BCrypt::Engine.generate_salt(1)) to see what was wrong, and I noticed that the code generated a 32767-character-long string, as follows:

$2a$04$tk0ZskJEMxKW5Zx0OIMy/Ot5z.Vleg7SXfRV9.GryPpKRchRK/S3m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\............

Because of the unexpectedly long hash string, the valid_hash? method returns nil and breaks the app.

I tested the problem against Ruby 2.4.1, 2.5.0 and 2.5.1 on Fedora 28. All of them failed.

I checked the GCC version and noticed that it was upgraded to 8.x on Fedora 28. I am not sure, but it could be a compiler-related bug.
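A diagnostic for the symptom reported above, added here as an example (it is not part of the original report and not bcrypt-ruby's code): it checks whether a returned string is exactly one well-formed 60-character hash or a hash followed by NUL padding. The helper names, the format regex and the all-NUL fill of the sample are assumptions.

```ruby
# Added example, not bcrypt-ruby code. Names below are hypothetical.
# Assumed bcrypt hash layout: "$2a$"-style prefix, two-digit cost, then
# 53 characters (22 salt + 31 digest) from the bcrypt base64 alphabet.
BCRYPT_FORMAT = /\A\$2[abxy]?\$\d{2}\$[A-Za-z0-9.\/]{53}\z/

# Hash string quoted in the report above.
REPORTED_HASH = '$2a$04$tk0ZskJEMxKW5Zx0OIMy/Ot5z.Vleg7SXfRV9.GryPpKRchRK/S3m'
# Constructed sample: the report shows NUL bytes following the hash and a
# total length of 32767; filling the whole remainder with NULs is an assumption.
PADDED_OUTPUT = REPORTED_HASH + ("\x00" * (32_767 - REPORTED_HASH.bytesize))

# Describe a string returned by a bcrypt binding without trusting its length.
def inspect_bcrypt_output(raw)
  bytes  = raw.b                       # compare as raw bytes
  nul_at = bytes.index("\x00".b)       # offset of first NUL, or nil
  head   = nul_at ? bytes[0, nul_at] : bytes
  {
    length: bytes.bytesize,
    well_formed: BCRYPT_FORMAT.match?(bytes),
    first_nul_offset: nul_at,
    nul_count: bytes.each_byte.count(0),
    prefix_well_formed: BCRYPT_FORMAT.match?(head)
  }
end

# Guard for callers: refuse to store or compare anything that is not
# exactly one well-formed hash.
def assert_storable_hash!(raw)
  report = inspect_bcrypt_output(raw)
  return raw if report[:well_formed]
  raise ArgumentError, "malformed bcrypt output: #{report}"
end

[REPORTED_HASH, PADDED_OUTPUT].each { |s| puts inspect_bcrypt_output(s) }
```

A well-formed prefix followed only by NUL bytes indicates that the hash itself was computed and the surplus is buffer padding, which is the distinction to record when reporting this kind of failure.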
