diff options
| author | Frank Denis <github@pureftpd.org> | 2018-10-14 11:01:53 +0200 |
|---|---|---|
| committer | Frank Denis <github@pureftpd.org> | 2018-10-14 11:01:53 +0200 |
| commit | c4ea98455db3c7c56a7d00d15418fea4f18cc27b (patch) | |
| tree | 772502693ec2ce6407b8335069dfdfcdfd84b2a7 | |
| parent | 1670c4679dc414cf83371de85f8cc5083de21414 (diff) | |
| parent | 5d70165f632d8857f2e75975d5857fa29a68f3fc (diff) | |
| download | php-git-c4ea98455db3c7c56a7d00d15418fea4f18cc27b.tar.gz | |
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
ext/sodium: sodium_pad(): do not copy any bytes if the string is empty
ext/sodium: Fix sodium_pad() with blocksize >= 256
ext/sodium: Use a correct max output size for base64 decoding
ext/sodium: Avoid shifts wider than 32 bits on size_t values
| -rw-r--r-- | ext/sodium/libsodium.c | 21 | ||||
| -rw-r--r-- | ext/sodium/tests/utils.phpt | 7 |
2 files changed, 21 insertions, 7 deletions
diff --git a/ext/sodium/libsodium.c b/ext/sodium/libsodium.c index f9276b4aac..1c3b743d84 100644 --- a/ext/sodium/libsodium.c +++ b/ext/sodium/libsodium.c @@ -2780,7 +2780,7 @@ PHP_FUNCTION(sodium_base642bin) "invalid base64 variant identifier", 0); return; } - bin_len = b64_len / 4U * 3U; + bin_len = b64_len / 4U * 3U + 1U; bin = zend_string_alloc(bin_len, 0); if (sodium_base642bin((unsigned char *) ZSTR_VAL(bin), bin_len, b64, b64_len, @@ -3402,11 +3402,17 @@ PHP_FUNCTION(sodium_pad) st = 1U; i = 0U; k = unpadded_len; - for (j = 0U; j <= xpadded_len; j++) { - ZSTR_VAL(padded)[j] = unpadded[i]; - k -= st; - st = (~(((((k >> 48) | (k >> 32) | (k >> 16) | k) & 0xffff) - 1U) >> 16)) & 1U; - i += st; + if (unpadded_len > 0) { + st = 1U; + i = 0U; + k = unpadded_len; + for (j = 0U; j <= xpadded_len; j++) { + ZSTR_VAL(padded)[j] = unpadded[i]; + k -= st; + st = (size_t) (~(((( (((uint64_t) k) >> 48) | (((uint64_t) k) >> 32) | + (k >> 16) | k) & 0xffff) - 1U) >> 16)) & 1U; + i += st; + } } #if SODIUM_LIBRARY_VERSION_MAJOR > 9 || (SODIUM_LIBRARY_VERSION_MAJOR == 9 && SODIUM_LIBRARY_VERSION_MINOR >= 6) if (sodium_pad(NULL, (unsigned char *) ZSTR_VAL(padded), unpadded_len, @@ -3423,7 +3429,8 @@ PHP_FUNCTION(sodium_pad) tail = &ZSTR_VAL(padded)[xpadded_len]; mask = 0U; for (i = 0; i < blocksize; i++) { - barrier_mask = (unsigned char) (((i ^ xpadlen) - 1U) >> 8); + barrier_mask = (unsigned char) + (((i ^ xpadlen) - 1U) >> ((sizeof(size_t) - 1U) * CHAR_BIT)); tail[-i] = (tail[-i] & mask) | (0x80 & barrier_mask); mask |= barrier_mask; } diff --git a/ext/sodium/tests/utils.phpt b/ext/sodium/tests/utils.phpt index ff380ff78c..4f99f75671 100644 --- a/ext/sodium/tests/utils.phpt +++ b/ext/sodium/tests/utils.phpt @@ -86,6 +86,12 @@ if (defined('SODIUM_BASE64_VARIANT_ORIGINAL')) { } catch (Exception $e) { var_dump('base64("O") case passed'); } + var_dump(sodium_base642bin('YWJjZA', SODIUM_BASE64_VARIANT_ORIGINAL_NO_PADDING)); +} else { + var_dump('base64("O1R") case passed'); + var_dump('base64("O1") case passed'); + var_dump('base64("O") case passed'); + var_dump('abcd'); } ?> @@ -107,3 +113,4 @@ bool(true) string(25) "base64("O1R") case passed" string(24) "base64("O1") case passed" string(23) "base64("O") case passed" +string(4) "abcd" |