Fix bug: #8834. Now there should be more random salts..

5 files changed, 26 insertions, 6 deletions

diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c
index 4063d78468..2eb15a1964 100644
--- a/ext/standard/basic_functions.c
+++ b/ext/standard/basic_functions.c
@@ -747,7 +747,6 @@ PHP_MINIT_FUNCTION(basic)
 	PHP_MINIT(file)(INIT_FUNC_ARGS_PASSTHRU);
 	PHP_MINIT(pack)(INIT_FUNC_ARGS_PASSTHRU);
 	PHP_MINIT(browscap)(INIT_FUNC_ARGS_PASSTHRU);
-	PHP_MINIT(lcg)(INIT_FUNC_ARGS_PASSTHRU);
 #if defined(HAVE_LOCALECONV) && defined(ZTS)
 	PHP_MINIT(localeconv)(INIT_FUNC_ARGS_PASSTHRU);
 #endif
@@ -834,6 +833,11 @@ PHP_RINIT_FUNCTION(basic)
 #endif
 	BG(user_shutdown_function_names)=NULL;
 
+#ifdef HAVE_CRYPT
+	PHP_RINIT(crypt)(INIT_FUNC_ARGS_PASSTHRU);
+#endif
+
+	PHP_RINIT(lcg)(INIT_FUNC_ARGS_PASSTHRU);
 	PHP_RINIT(head)(INIT_FUNC_ARGS_PASSTHRU);
 	PHP_RINIT(filestat)(INIT_FUNC_ARGS_PASSTHRU);
 	PHP_RINIT(syslog)(INIT_FUNC_ARGS_PASSTHRU);
diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c
index 41f35cd31b..011242acc0 100644
--- a/ext/standard/crypt.c
+++ b/ext/standard/crypt.c
@@ -89,6 +89,7 @@ extern char *crypt(char *__key,char *__salt);
 
 #define PHP_CRYPT_RAND php_rand()
 
+static int php_crypt_rand_seeded=0;
 
 PHP_MINIT_FUNCTION(crypt)
 {
@@ -102,11 +103,20 @@ PHP_MINIT_FUNCTION(crypt)
 	REGISTER_LONG_CONSTANT("CRYPT_MD5", PHP_MD5_CRYPT, CONST_CS | CONST_PERSISTENT);
 	REGISTER_LONG_CONSTANT("CRYPT_BLOWFISH", PHP_BLOWFISH_CRYPT, CONST_CS | CONST_PERSISTENT);
 
-	php_srand(time(0) * getpid() * (php_combined_lcg() * 10000.0));
+	return SUCCESS;
+}
+
 
+PHP_RINIT_FUNCTION(crypt)
+{
+	if(!php_crypt_rand_seeded) {
+		php_srand(time(0) * getpid() * (php_combined_lcg() * 10000.0));
+		php_crypt_rand_seeded=1;
+	} 
 	return SUCCESS;
 }
 
+
 static unsigned char itoa64[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
 
 static void php_to64(char *s, long v, int n)	{
diff --git a/ext/standard/lcg.c b/ext/standard/lcg.c
index be43a77124..31321a6c81 100644
--- a/ext/standard/lcg.c
+++ b/ext/standard/lcg.c
@@ -31,6 +31,8 @@ int lcg_globals_id;
 static php_lcg_globals lcg_globals;
 #endif
 
+static int php_lcg_initialized = 0;
+
 #ifdef PHP_WIN32
 #include <process.h>
 #endif
@@ -71,13 +73,16 @@ static void lcg_init_globals(LCGLS_D)
 #endif
 }
 
-PHP_MINIT_FUNCTION(lcg)
+PHP_RINIT_FUNCTION(lcg)
 {
+	if (!php_lcg_initialized) {
 #ifdef ZTS
-	lcg_globals_id = ts_allocate_id(sizeof(php_lcg_globals), (ts_allocate_ctor) lcg_init_globals, NULL);
+		lcg_globals_id = ts_allocate_id(sizeof(php_lcg_globals), (ts_allocate_ctor) lcg_init_globals, NULL);
 #else
-	lcg_init_globals();
+		lcg_init_globals();
 #endif
+		php_lcg_initialized = 1;
+	}
 	return SUCCESS;
 }
 
diff --git a/ext/standard/php_crypt.h b/ext/standard/php_crypt.h
index e6c6db1841..4869ccf43e 100644
--- a/ext/standard/php_crypt.h
+++ b/ext/standard/php_crypt.h
@@ -26,6 +26,7 @@
 PHP_FUNCTION(crypt);
 #if HAVE_CRYPT
 extern PHP_MINIT_FUNCTION(crypt);
+extern PHP_RINIT_FUNCTION(crypt);
 #endif
 
 #endif
diff --git a/ext/standard/php_lcg.h b/ext/standard/php_lcg.h
index 2d88e582e6..a6d8b0c0a4 100644
--- a/ext/standard/php_lcg.h
+++ b/ext/standard/php_lcg.h
@@ -28,7 +28,7 @@ typedef struct {
 
 double php_combined_lcg(void);
 PHP_FUNCTION(lcg_value);
-PHP_MINIT_FUNCTION(lcg);
+PHP_RINIT_FUNCTION(lcg);
 
 #ifdef ZTS
 #define LCGLS_D php_lcg_globals *lcg_globals