authorAnthony Ferrara <ircmaxell@gmail.com>2015-10-18 18:53:43 -0400
committerAnatol Belski <ab@php.net>2015-12-14 09:41:13 +0100
commit4054ec69da7631046f19d54ab06f09728a208b8b (patch)
treedfe135ad5284fbe361e0d86f8b98e230bb17850a
parentfd7a9a2876e8f7ad0e39b345712de89645ece2a7 (diff)
downloadphp-git-PHP-7.0.1.tar.gz
Refactor password_hash to use random_bytes internally to generate saltsphp-7.0.1PHP-7.0.1
-rw-r--r--ext/standard/password.c36
1 files changed, 5 insertions, 31 deletions
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 859dbe9d5f..6f0b31bfa2 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -30,6 +30,7 @@
#include "base64.h"
#include "zend_interfaces.h"
#include "info.h"
+#include "php_random.h"
#if PHP_WIN32
#include "win32/winutil.h"
@@ -123,37 +124,10 @@ static int php_password_make_salt(size_t length, char *ret) /* {{{ */
buffer = (char *) safe_emalloc(raw_length, 1, 1);
-#if PHP_WIN32
- {
- BYTE *iv_b = (BYTE *) buffer;
- if (php_win32_get_random_bytes(iv_b, raw_length) == SUCCESS) {
- buffer_valid = 1;
- }
- }
-#else
- {
- int fd, n;
- size_t read_bytes = 0;
- fd = open("/dev/urandom", O_RDONLY);
- if (fd >= 0) {
- while (read_bytes < raw_length) {
- n = read(fd, buffer + read_bytes, raw_length - read_bytes);
- if (n < 0) {
- break;
- }
- read_bytes += (size_t) n;
- }
- close(fd);
- }
- if (read_bytes >= raw_length) {
- buffer_valid = 1;
- }
- }
-#endif
- if (!buffer_valid) {
- for (i = 0; i < raw_length; i++) {
- buffer[i] ^= (char) (255.0 * php_rand() / RAND_MAX);
- }
+ if (FAILURE == php_random_bytes_silent(buffer, raw_length)) {
+ php_error_docref(NULL, E_WARNING, "Unable to generate salt");
+ efree(buffer);
+ return FAILURE;
}
result = safe_emalloc(length, 1, 1);
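Review bot: The new failure branch makes php_password_make_salt fail closed, but nothing in the code records that this is deliberate, so a later change could reintroduce a non-cryptographic fallback like the removed php_rand() loop. I would add a comment above the check, e.g. `/* Fail closed: the salt must come from the CSPRNG; never fall back to php_rand() */`. The diffstat leaves no room for a change to the declarations, so `buffer_valid` and `i` are presumably still declared above the hunk and are now unused; if so, they should be dropped in the same commit. The function begins and ends outside this hunk, so whether every caller treats FAILURE as fatal and returns without producing a hash cannot be confirmed from here.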