diff options
author | Stanislav Malyshev <stas@php.net> | 2014-11-30 21:39:26 -0800 |
---|---|---|
committer | Stanislav Malyshev <stas@php.net> | 2014-11-30 21:39:49 -0800 |
commit | 720ba679485cb7120911af8013b7b6ab72a47884 (patch) | |
tree | 494eca3623429aa0b45874830f25bb4d206f133e /ext/standard/crypt.c | |
parent | 4675b79e65e7eea3f3e6343236e1c5ed335d88bf (diff) | |
parent | f7eedbe9a685d6047dc04b29121980c2c6773251 (diff) | |
download | php-git-720ba679485cb7120911af8013b7b6ab72a47884.tar.gz |
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
update news
update news
update NEWS
Apply error-code-salt fix to Windows too
Bug fixes in light of failing bcrypt tests
Add tests from 1.3. Add missing tests.
Upgrade crypt_blowfish to version 1.3
Apply error-code-salt fix to Windows too
Bug fixes in light of failing bcrypt tests
Add tests from 1.3. Add missing tests.
Upgrade crypt_blowfish to version 1.3
Diffstat (limited to 'ext/standard/crypt.c')
-rw-r--r-- | ext/standard/crypt.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c index 3419f09dd7..687befbae1 100644 --- a/ext/standard/crypt.c +++ b/ext/standard/crypt.c @@ -196,7 +196,6 @@ PHPAPI int php_crypt(const char *password, const int pass_len, const char *salt, } else if ( salt[0] == '$' && salt[1] == '2' && - salt[2] >= 'a' && salt[2] <= 'z' && salt[3] == '$' && salt[4] >= '0' && salt[4] <= '3' && salt[5] >= '0' && salt[5] <= '9' && @@ -219,7 +218,7 @@ PHPAPI int php_crypt(const char *password, const int pass_len, const char *salt, _crypt_extended_init_r(); crypt_res = _crypt_extended_r(password, salt, &buffer); - if (!crypt_res) { + if (!crypt_res || (salt[0] == '*' && salt[1] == '0')) { return FAILURE; } else { *result = estrdup(crypt_res); @@ -240,7 +239,7 @@ PHPAPI int php_crypt(const char *password, const int pass_len, const char *salt, # error Data struct used by crypt_r() is unknown. Please report. # endif crypt_res = crypt_r(password, salt, &buffer); - if (!crypt_res) { + if (!crypt_res || (salt[0] == '*' && salt[1] == '0')) { return FAILURE; } else { *result = estrdup(crypt_res); |