diff options
| author | Stanislav Malyshev <stas@php.net> | 2015-09-01 11:42:19 -0700 |
|---|---|---|
| committer | Stanislav Malyshev <stas@php.net> | 2015-09-01 11:42:19 -0700 |
| commit | 33d3acaae79845e8bd587b4d0799ef2dca07fdc3 (patch) | |
| tree | 7fc1fa822fca2ecdd604245d0995f443ad880bc2 /ext/hash/hash_haval.c | |
| parent | 15e9f4baf48f1a02091d1dbf505d9c6d561bc1d4 (diff) | |
| parent | 48cfd1160b4667115f33c4398215759d5e0643d8 (diff) | |
| download | php-git-33d3acaae79845e8bd587b4d0799ef2dca07fdc3.tar.gz | |
Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
Improve fix for #70172
Fix bug #70312 - HAVAL gives wrong hashes in specific cases
fix test
add test
Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
Fix bug #70172 - Use After Free Vulnerability in unserialize()
Fix bug #70388 - SOAP serialize_function_call() type confusion
Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
Improve fix for #70385
Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
Fix bug #70219 (Use after free vulnerability in session deserializer)
Fix for bug #69782
Add CVE IDs asigned (post release) to PHP 5.4.43
Add CVE IDs asigned to #69085 (PHP 5.4.39)
5.4.45 next
Conflicts:
configure.in
ext/pcre/php_pcre.c
ext/standard/var_unserializer.c
ext/standard/var_unserializer.re
main/php_version.h
Diffstat (limited to 'ext/hash/hash_haval.c')
| -rw-r--r-- | ext/hash/hash_haval.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/ext/hash/hash_haval.c b/ext/hash/hash_haval.c index 36f6caa9f5..2168fe0f03 100644 --- a/ext/hash/hash_haval.c +++ b/ext/hash/hash_haval.c @@ -336,7 +336,7 @@ PHP_HASH_API void PHP_HAVAL128Final(unsigned char *digest, PHP_HAVAL_CTX * conte /* Pad out to 118 mod 128. */ - index = (unsigned int) ((context->count[0] >> 3) & 0x3f); + index = (unsigned int) ((context->count[0] >> 3) & 0x7f); padLen = (index < 118) ? (118 - index) : (246 - index); PHP_HAVALUpdate(context, PADDING, padLen); @@ -390,7 +390,7 @@ PHP_HASH_API void PHP_HAVAL160Final(unsigned char *digest, PHP_HAVAL_CTX * conte /* Pad out to 118 mod 128. */ - index = (unsigned int) ((context->count[0] >> 3) & 0x3f); + index = (unsigned int) ((context->count[0] >> 3) & 0x7f); padLen = (index < 118) ? (118 - index) : (246 - index); PHP_HAVALUpdate(context, PADDING, padLen); @@ -444,7 +444,7 @@ PHP_HASH_API void PHP_HAVAL192Final(unsigned char *digest, PHP_HAVAL_CTX * conte /* Pad out to 118 mod 128. */ - index = (unsigned int) ((context->count[0] >> 3) & 0x3f); + index = (unsigned int) ((context->count[0] >> 3) & 0x7f); padLen = (index < 118) ? (118 - index) : (246 - index); PHP_HAVALUpdate(context, PADDING, padLen); @@ -484,7 +484,7 @@ PHP_HASH_API void PHP_HAVAL224Final(unsigned char *digest, PHP_HAVAL_CTX * conte /* Pad out to 118 mod 128. */ - index = (unsigned int) ((context->count[0] >> 3) & 0x3f); + index = (unsigned int) ((context->count[0] >> 3) & 0x7f); padLen = (index < 118) ? (118 - index) : (246 - index); PHP_HAVALUpdate(context, PADDING, padLen); @@ -525,7 +525,7 @@ PHP_HASH_API void PHP_HAVAL256Final(unsigned char *digest, PHP_HAVAL_CTX * conte /* Pad out to 118 mod 128. */ - index = (unsigned int) ((context->count[0] >> 3) & 0x3f); + index = (unsigned int) ((context->count[0] >> 3) & 0x7f); padLen = (index < 118) ? (118 - index) : (246 - index); PHP_HAVALUpdate(context, PADDING, padLen); |