From 5ff999d69d89aecfd946aab367914a5161ac1efd Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@owncloud.com>
Date: Fri, 12 Sep 2014 13:32:59 +0200
Subject: [PATCH] Return false in case one of the values is null

---
 lib/private/security/stringutils.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/private/security/stringutils.php b/lib/private/security/stringutils.php
index 33a3a708012..ecba655ebd6 100644
--- a/lib/private/security/stringutils.php
+++ b/lib/private/security/stringutils.php
@@ -25,6 +25,10 @@ class StringUtils {
 	 */
 	public static function equals($expected, $input) {
 
+		if(!is_string($expected) || !is_string($input)) {
+			return false;
+		}
+
 		if(function_exists('hash_equals')) {
 			return hash_equals($expected, $input);
 		}
-- 
2.39.5