From 210e9e49089d065e2e2f3f4ee90c75155e94ac86 Mon Sep 17 00:00:00 2001
From: Christian Flothmann <christian.flothmann@qossmic.com>
Date: Sat, 13 Apr 2024 09:04:03 +0200
Subject: [PATCH] skip test assertions that are no longer valid with PHP >=
 8.2.18/8.3.5

---
 .../Tests/Hasher/NativePasswordHasherTest.php               | 6 +++++-
 .../Tests/Hasher/SodiumPasswordHasherTest.php               | 6 +++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/Symfony/Component/PasswordHasher/Tests/Hasher/NativePasswordHasherTest.php b/src/Symfony/Component/PasswordHasher/Tests/Hasher/NativePasswordHasherTest.php
index 5dc301916eed3..4cf708b806296 100644
--- a/src/Symfony/Component/PasswordHasher/Tests/Hasher/NativePasswordHasherTest.php
+++ b/src/Symfony/Component/PasswordHasher/Tests/Hasher/NativePasswordHasherTest.php
@@ -103,7 +103,11 @@ public function testBcryptWithNulByte()
         $hasher = new NativePasswordHasher(null, null, 4, \PASSWORD_BCRYPT);
         $plainPassword = "a\0b";
 
-        $this->assertFalse($hasher->verify(password_hash($plainPassword, \PASSWORD_BCRYPT, ['cost' => 4]), $plainPassword));
+        if (\PHP_VERSION_ID < 80218 || \PHP_VERSION_ID >= 80300 && \PHP_VERSION_ID < 80305) {
+            // password_hash() does not accept passwords containing NUL bytes since PHP 8.2.18 and 8.3.5
+            $this->assertFalse($hasher->verify(password_hash($plainPassword, \PASSWORD_BCRYPT, ['cost' => 4]), $plainPassword));
+        }
+
         $this->assertTrue($hasher->verify($hasher->hash($plainPassword), $plainPassword));
     }
 
diff --git a/src/Symfony/Component/PasswordHasher/Tests/Hasher/SodiumPasswordHasherTest.php b/src/Symfony/Component/PasswordHasher/Tests/Hasher/SodiumPasswordHasherTest.php
index 3dc97c768f6f1..101c09fc46ed3 100644
--- a/src/Symfony/Component/PasswordHasher/Tests/Hasher/SodiumPasswordHasherTest.php
+++ b/src/Symfony/Component/PasswordHasher/Tests/Hasher/SodiumPasswordHasherTest.php
@@ -78,7 +78,11 @@ public function testBcryptWithNulByte()
         $hasher = new SodiumPasswordHasher(null, null);
         $plainPassword = "a\0b";
 
-        $this->assertFalse($hasher->verify(password_hash($plainPassword, \PASSWORD_BCRYPT, ['cost' => 4]), $plainPassword));
+        if (\PHP_VERSION_ID < 80218 || \PHP_VERSION_ID >= 80300 && \PHP_VERSION_ID < 80305) {
+            // password_hash() does not accept passwords containing NUL bytes since PHP 8.2.18 and 8.3.5
+            $this->assertFalse($hasher->verify(password_hash($plainPassword, \PASSWORD_BCRYPT, ['cost' => 4]), $plainPassword));
+        }
+
         $this->assertTrue($hasher->verify((new NativePasswordHasher(null, null, 4, \PASSWORD_BCRYPT))->hash($plainPassword), $plainPassword));
     }