From 939302c10b9a1f002ffcbb8cd832d7e6b3f11fd1 Mon Sep 17 00:00:00 2001
From: MaxGiting <MaxGiting@users.noreply.github.com>
Date: Thu, 17 Nov 2022 12:02:45 +0000
Subject: [PATCH] Check for null and return false

---
 src/Illuminate/Hashing/AbstractHasher.php |  4 ++--
 src/Illuminate/Hashing/Argon2IdHasher.php |  4 ++--
 tests/Hashing/HasherTest.php              | 20 ++++++++++++++++++++
 3 files changed, 24 insertions(+), 4 deletions(-)

diff --git a/src/Illuminate/Hashing/AbstractHasher.php b/src/Illuminate/Hashing/AbstractHasher.php
index 7ec087bee258..e9ab658dab20 100644
--- a/src/Illuminate/Hashing/AbstractHasher.php
+++ b/src/Illuminate/Hashing/AbstractHasher.php
@@ -19,13 +19,13 @@ public function info($hashedValue)
      * Check the given plain value against a hash.
      *
      * @param  string  $value
-     * @param  string  $hashedValue
+     * @param  string|null  $hashedValue
      * @param  array  $options
      * @return bool
      */
     public function check($value, $hashedValue, array $options = [])
     {
-        if (strlen($hashedValue) === 0) {
+        if (is_null($hashedValue)) {
             return false;
         }
 
diff --git a/src/Illuminate/Hashing/Argon2IdHasher.php b/src/Illuminate/Hashing/Argon2IdHasher.php
index 0a36a3000213..cc7bab3d07b7 100644
--- a/src/Illuminate/Hashing/Argon2IdHasher.php
+++ b/src/Illuminate/Hashing/Argon2IdHasher.php
@@ -10,7 +10,7 @@ class Argon2IdHasher extends ArgonHasher
      * Check the given plain value against a hash.
      *
      * @param  string  $value
-     * @param  string  $hashedValue
+     * @param  string|null  $hashedValue
      * @param  array  $options
      * @return bool
      *
@@ -22,7 +22,7 @@ public function check($value, $hashedValue, array $options = [])
             throw new RuntimeException('This password does not use the Argon2id algorithm.');
         }
 
-        if (strlen($hashedValue) === 0) {
+        if (is_null($hashedValue)) {
             return false;
         }
 
diff --git a/tests/Hashing/HasherTest.php b/tests/Hashing/HasherTest.php
index 62e06e4ac896..f0bee455682c 100755
--- a/tests/Hashing/HasherTest.php
+++ b/tests/Hashing/HasherTest.php
@@ -10,6 +10,26 @@
 
 class HasherTest extends TestCase
 {
+    public function testEmptyHashedValueReturnsFalse()
+    {
+        $hasher = new BcryptHasher();
+        $this->assertTrue($hasher->check('password', ''));
+        $hasher = new ArgonHasher();
+        $this->assertTrue($hasher->check('password', ''));
+        $hasher = new Argon2IdHasher();
+        $this->assertTrue($hasher->check('password', ''));
+    }
+
+    public function testNullHashedValueReturnsFalse()
+    {
+        $hasher = new BcryptHasher();
+        $this->assertTrue($hasher->check('password', null));
+        $hasher = new ArgonHasher();
+        $this->assertTrue($hasher->check('password', null));
+        $hasher = new Argon2IdHasher();
+        $this->assertTrue($hasher->check('password', null));
+    }
+
     public function testBasicBcryptHashing()
     {
         $hasher = new BcryptHasher;