author | Sascha Schumann <sas@php.net> | 2001-07-01 11:20:56 +0000 |
---|---|---|
committer | Sascha Schumann <sas@php.net> | 2001-07-01 11:20:56 +0000 |
commit | da3b899dd8023bc7590af8852270dcc035c19fe8 (patch) | |
tree | df602044ed0c6e1e86e5e658c3b8b7689efbee86 /ext/mhash | |
parent | 1b0356e0f7fc5a7327c8033dc6a21817d01f0755 (diff) | |
download | php-git-da3b899dd8023bc7590af8852270dcc035c19fe8.tar.gz |
mhash_keygen_s2k() overwrote the limits of a statically allocated buffer
for long salts. We now truncate the salt appropriately.
PR: #11817
Diffstat (limited to 'ext/mhash')
-rw-r--r-- | ext/mhash/mhash.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/ext/mhash/mhash.c b/ext/mhash/mhash.c
index 75d86c5bbf..70d0dda27b 100644
--- a/ext/mhash/mhash.c
+++ b/ext/mhash/mhash.c
@@ -225,7 +225,7 @@ PHP_FUNCTION(mhash_keygen_s2k)
 password = Z_STRVAL_PP(input_password);
 password_len = Z_STRLEN_PP(input_password);
- salt_len = Z_STRLEN_PP(input_salt);
+ salt_len = MIN(Z_STRLEN_PP(input_salt), SALT_SIZE);
 if (salt_len > mhash_get_keygen_salt_size(KEYGEN_S2K_SALTED)) {
 sprintf( error, "The specified salt [%d] is more bytes than the required by the algorithm [%d]\n", salt_len, mhash_get_keygen_salt_size(KEYGEN_S2K_SALTED));
@@ -233,8 +233,9 @@ PHP_FUNCTION(mhash_keygen_s2k)
 php_error(E_WARNING, error);
 }
- memset( salt, 0, SALT_SIZE);
- memcpy( salt, Z_STRVAL_PP(input_salt), salt_len);
+ memcpy(salt, Z_STRVAL_PP(input_salt), salt_len);
+ if (salt_len < SALT_SIZE)
+ memset(salt + salt_len, 0, SALT_SIZE - salt_len);
 salt_len=SALT_SIZE;
 /* if (salt_len==0) { |
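Review bot: Clamping `salt_len` with `MIN(..., SALT_SIZE)` before the `if (salt_len > mhash_get_keygen_salt_size(KEYGEN_S2K_SALTED))` test means the test only ever sees the truncated length, so an over-long salt can be cut down without the warning firing (this is certain whenever the keygen salt size is not smaller than SALT_SIZE; neither value is defined in the visible lines). Silent truncation matters here because two salts that share their first SALT_SIZE bytes then derive the same key without the caller being told. Keep `salt_len = Z_STRLEN_PP(input_salt);` for the check and apply `salt_len = MIN(salt_len, SALT_SIZE);` after the warning block, just before the `memcpy`. The `sprintf` into `error` in the context lines is unbounded and its buffer is declared outside the hunk; if `error` is an array, `snprintf(error, sizeof(error), ...)` would bound it. The body of `PHP_FUNCTION(mhash_keygen_s2k)` starts and ends outside the hunk.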
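Review bot: The added `if (salt_len < SALT_SIZE)` in the second hunk guards a single unbraced statement, which is easy to break when another line is added under it later; brace it as `if (salt_len < SALT_SIZE) { memset(salt + salt_len, 0, SALT_SIZE - salt_len); }`. The `memcpy` above it is in bounds only because of the clamp in the first hunk, and the declaration of `salt` is not visible here. A comment such as `/* salt_len was clamped to SALT_SIZE above; salt must hold SALT_SIZE bytes */` on the `memcpy` would record the invariant the copy depends on.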