diff options
author | David Carlier <devnexen@gmail.com> | 2016-10-15 14:53:38 +0100 |
---|---|---|
committer | David Carlier <devnexen@gmail.com> | 2016-10-15 14:53:38 +0100 |
commit | 2464dbd5f3dda7ab69f9217d802d08af0334ec71 (patch) | |
tree | e8a6abc5848f686c0c5f116845c58ae679f6170a /ext/standard/crypt.c | |
parent | 2bd34885da3ccbab5b0007870b4f1e2a93052702 (diff) | |
download | php-git-2464dbd5f3dda7ab69f9217d802d08af0334ec71.tar.gz |
import explicit_bzero + strlc* functions update
since 1999 algorithms have changed and register k/w
not necessary anymore.
Diffstat (limited to 'ext/standard/crypt.c')
-rw-r--r-- | ext/standard/crypt.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c index f2f778e764..99af6fb006 100644 --- a/ext/standard/crypt.c +++ b/ext/standard/crypt.c @@ -129,12 +129,12 @@ PHPAPI zend_string *php_crypt(const char *password, const int pass_len, const ch crypt_res = php_sha512_crypt_r(password, salt, output, PHP_MAX_SALT_LEN); if (!crypt_res) { - memset(output, 0, PHP_MAX_SALT_LEN); + explicit_bzero(output, PHP_MAX_SALT_LEN); efree(output); return NULL; } else { result = zend_string_init(output, strlen(output), 0); - memset(output, 0, PHP_MAX_SALT_LEN); + explicit_bzero(output, PHP_MAX_SALT_LEN); efree(output); return result; } @@ -144,12 +144,12 @@ PHPAPI zend_string *php_crypt(const char *password, const int pass_len, const ch crypt_res = php_sha256_crypt_r(password, salt, output, PHP_MAX_SALT_LEN); if (!crypt_res) { - memset(output, 0, PHP_MAX_SALT_LEN); + explicit_bzero(output, PHP_MAX_SALT_LEN); efree(output); return NULL; } else { result = zend_string_init(output, strlen(output), 0); - memset(output, 0, PHP_MAX_SALT_LEN); + explicit_bzero(output, PHP_MAX_SALT_LEN); efree(output); return result; } |