diff options
| author | Grundik <grundik@ololo.cc> | 2017-02-18 05:53:13 +0300 |
|---|---|---|
| committer | Nikita Popov <nikita.ppv@gmail.com> | 2017-02-24 23:20:49 +0100 |
| commit | eac8166bd468a3c7c00b5163f6f86804911b660d (patch) | |
| tree | 58a3ce6ca89bdb3bd5bee78b5a803f1704a6efdf | |
| parent | 9450e23b3288100c07f2990cd0bce962ca56461b (diff) | |
| download | php-git-eac8166bd468a3c7c00b5163f6f86804911b660d.tar.gz | |
Fix bug #73127
gost-crypto hash was incorrect if input data contained long 0xFF
sequence, due to a carry-propagation bug.
| -rw-r--r-- | NEWS | 4 | ||||
| -rw-r--r-- | ext/hash/hash_gost.c | 5 | ||||
| -rw-r--r-- | ext/hash/tests/bug73127.phpt | 27 |
3 files changed, 33 insertions, 3 deletions
@@ -34,6 +34,10 @@ PHP NEWS . Fixed bug #69860 (php-fpm process accounting is broken with keepalive). (Denis Yeldandi) +- Hash: + . Fixed bug #73127 (gost-crypto hash incorrect if input data contains long + 0xFF sequence). (Grundik) + - GD: . Fixed bug #74031 (ReflectionFunction for imagepng is missing last two parameters). (finwe) diff --git a/ext/hash/hash_gost.c b/ext/hash/hash_gost.c index ed8ca15653..c17133786c 100644 --- a/ext/hash/hash_gost.c +++ b/ext/hash/hash_gost.c @@ -227,14 +227,13 @@ static inline void Gost(PHP_GOST_CTX *context, php_hash_uint32 data[8]) static inline void GostTransform(PHP_GOST_CTX *context, const unsigned char input[32]) { int i, j; - php_hash_uint32 data[8], temp = 0, save = 0; + php_hash_uint32 data[8], temp = 0; for (i = 0, j = 0; i < 8; ++i, j += 4) { data[i] = ((php_hash_uint32) input[j]) | (((php_hash_uint32) input[j + 1]) << 8) | (((php_hash_uint32) input[j + 2]) << 16) | (((php_hash_uint32) input[j + 3]) << 24); - save = context->state[i + 8]; context->state[i + 8] += data[i] + temp; - temp = ((context->state[i + 8] < data[i]) || (context->state[i + 8] < save)) ? 1 : 0; + temp = context->state[i + 8] < data[i] ? 1 : (context->state[i + 8] == data[i] ? temp : 0); } Gost(context, data); diff --git a/ext/hash/tests/bug73127.phpt b/ext/hash/tests/bug73127.phpt new file mode 100644 index 0000000000..d9f1f7dca1 --- /dev/null +++ b/ext/hash/tests/bug73127.phpt @@ -0,0 +1,27 @@ +--TEST-- +Bug #73127 (gost-crypto hash incorrect if input data contains long 0xFF sequence) +--FILE-- +<?php // $Id$ + +$test1 = str_repeat("\xFF", 40); +$test2 = str_repeat("\x00", 40); +echo hash('gost-crypto', $test1), + "\n", + hash('gost', $test1), + "\n", + hash('gost-crypto', $test2), + "\n", + hash('gost', $test2), + "\n", + hash('gost-crypto', ''), + "\n", + hash('gost', '') + ; +?> +--EXPECT-- +231d8bb980d3faa30fee6ec475df5669cf6c24bbce22f46d6737470043a99f8e +9eaf96ba62f90fae6707f1d4274d1a9d6680f5a121d4387815aa3a6ec42439c5 +bbf1f3179409c853cd3e396d67b0e10a266c218a4fd19f149c39aa4f6d37a007 +a0be0b90fea5a5b50c90c9429d07bb98fa0c06f0c30210e94c7d80c3125c67ac +981e5f3ca30c841487830f84fb433e13ac1101569b9c13584ac483234cd656c0 +ce85b99cc46752fffee35cab9a7b0278abb4c2d2055cff685af4912c49490f8d |