Fix #4427
diff --git a/system/helpers/captcha_helper.php b/system/helpers/captcha_helper.php
index fd1b8f1..3c1e006 100644
--- a/system/helpers/captcha_helper.php
+++ b/system/helpers/captcha_helper.php
@@ -171,35 +171,36 @@
$byte_index = $word_index = 0;
while ($word_index < $word_length)
{
+ // Do we have more random data to use?
+ // It could be exhausted by previous iterations
+ // ignoring bytes higher than $rand_max.
+ if ($byte_index === $pool_length)
+ {
+ // No failures should be possible if the
+ // first get_random_bytes() call didn't
+ // return FALSE, but still ...
+ for ($i = 0; $i < 5; $i++)
+ {
+ if (($bytes = $security->get_random_bytes($pool_length)) === FALSE)
+ {
+ continue;
+ }
+
+ $byte_index = 0;
+ break;
+ }
+
+ if ($bytes === FALSE)
+ {
+ // Sadly, this means fallback to mt_rand()
+ $word = '';
+ break;
+ }
+ }
+
list(, $rand_index) = unpack('C', $bytes[$byte_index++]);
if ($rand_index > $rand_max)
{
- // Was this the last byte we have?
- // If so, try to fetch more.
- if ($byte_index === $pool_length)
- {
- // No failures should be possible if
- // the first get_random_bytes() call
- // didn't return FALSE, but still ...
- for ($i = 0; $i < 5; $i++)
- {
- if (($bytes = $security->get_random_bytes($pool_length)) === FALSE)
- {
- continue;
- }
-
- $byte_index = 0;
- break;
- }
-
- if ($bytes === FALSE)
- {
- // Sadly, this means fallback to mt_rand()
- $word = '';
- break;
- }
- }
-
continue;
}