Mirrors
/
php
mirror of https://github.com/php/php-src
3
0
Fork 0
Code Releases Activity
Browse Source

mhash_keygen_s2k() overwrote the limits of a statically allocated buffer 

for long salts.  We truncate the salt now appropiately.

PR: #11817
experimental/pre_new_hash_func
Sascha Schumann 25 years ago
parent
1b0356e0f7
commit
da3b899dd8
1 changed files with 4 additions and 3 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 7
      ext/mhash/mhash.c

7
ext/mhash/mhash.c
View File

@ -225,7 +225,7 @@ PHP_FUNCTION(mhash_keygen_s2k)
password = Z_STRVAL_PP(input_password);
password_len = Z_STRLEN_PP(input_password);
salt_len = Z_STRLEN_PP(input_salt);
salt_len = MIN(Z_STRLEN_PP(input_salt), SALT_SIZE);
if (salt_len > mhash_get_keygen_salt_size(KEYGEN_S2K_SALTED)) {
sprintf( error, "The specified salt [%d] is more bytes than the required by the algorithm [%d]\n", salt_len, mhash_get_keygen_salt_size(KEYGEN_S2K_SALTED));
@ -233,8 +233,9 @@ PHP_FUNCTION(mhash_keygen_s2k)
php_error(E_WARNING, error);
}
memset( salt, 0, SALT_SIZE);
memcpy( salt, Z_STRVAL_PP(input_salt), salt_len);
memcpy(salt, Z_STRVAL_PP(input_salt), salt_len);
if (salt_len < SALT_SIZE)
memset(salt + salt_len, 0, SALT_SIZE - salt_len);
salt_len=SALT_SIZE;
/* if (salt_len==0) {

Write Preview
Loading…
Cancel
Save