authorPierre Joye <pajoye@php.net>2010-02-21 23:47:14 +0000
committerPierre Joye <pajoye@php.net>2010-02-21 23:47:14 +0000
commit0179fca3453fc26c764304328dce417c2d542fce (patch)
tree275275309ef8b2dc528479a9abbd0b8427fbe4ba
parent2e2c317860cfc610ec792bfbe0caf1ebab23e11d (diff)
downloadphp-git-0179fca3453fc26c764304328dce417c2d542fce.tar.gz
- Corrected the sanity check of the "setting" string in _crypt_blowfish_rn() to
reject iteration counts encoded as 36 through 39. Previously, these would be misinterpreted as being the same as 04 through 07. (Solar Designer)
-rw-r--r--ext/standard/crypt_blowfish.c1
-rw-r--r--ext/standard/tests/strings/crypt_blowfish_invalid_rounds.phpt2
2 files changed, 1 insertions, 2 deletions
diff --git a/ext/standard/crypt_blowfish.c b/ext/standard/crypt_blowfish.c
index 2ffd093700..6c99a396d5 100644
--- a/ext/standard/crypt_blowfish.c
+++ b/ext/standard/crypt_blowfish.c
@@ -606,6 +606,7 @@ char *php_crypt_blowfish_rn(__CONST char *key, __CONST char *setting,
setting[3] != '$' ||
setting[4] < '0' || setting[4] > '3' ||
setting[5] < '0' || setting[5] > '9' ||
+ (setting[4] == '3' && setting[5] > '1') ||
setting[6] != '$') {
__set_errno(EINVAL);
return NULL;
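Review bot: The added bound `(setting[4] == '3' && setting[5] > '1')` caps the two-digit cost at 31, but nothing next to the check says why, so a later reader could take it for an arbitrary limit and loosen it. A short comment on that line would record the reason, for example `/* cost is two decimal digits, 00..31; 36..39 used to be misread as 04..07 */`. The commit message implies the iteration count comes from a computation that wraps at 32, but that code is outside this hunk, so the comment should be worded from what the message states. The accompanying test is worth checking for both sides of the boundary: a setting with cost 31 passes this condition and one with cost 32 is rejected. The `if` condition opens above the hunk and the function body continues past it.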
diff --git a/ext/standard/tests/strings/crypt_blowfish_invalid_rounds.phpt b/ext/standard/tests/strings/crypt_blowfish_invalid_rounds.phpt
index 03c6c8392a..6d40b0770e 100644
--- a/ext/standard/tests/strings/crypt_blowfish_invalid_rounds.phpt
+++ b/ext/standard/tests/strings/crypt_blowfish_invalid_rounds.phpt
@@ -1,7 +1,5 @@
--TEST--
Test Blowfish crypt() with invalid rounds
---XFAIL--
-Needs a patch from Pierre
--FILE--
<?php