authorLeigh <leigh@php.net>2016-07-05 16:02:34 +0100
committerLeigh <leigh@php.net>2016-07-05 16:02:34 +0100
commitb21de28bb70117d9bfe73efeb7d6bb5691b043e5 (patch)
tree7c3657d3cdc3a34cd0b7bdfdb92db09fca180b3a /ext/standard/crypt.c
parent6d6ef7aacc7f9b17709d2f93b70b359c75011f89 (diff)
downloadphp-git-b21de28bb70117d9bfe73efeb7d6bb5691b043e5.tar.gz
Fix some insecure usages of php_rand
Diffstat (limited to 'ext/standard/crypt.c')
-rw-r--r--ext/standard/crypt.c10
1 files changed, 3 insertions, 7 deletions
diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c
index 9249d9d96b..3604e19b02 100644
--- a/ext/standard/crypt.c
+++ b/ext/standard/crypt.c
@@ -54,15 +54,12 @@
#include <process.h>
#endif
-#include "php_lcg.h"
#include "php_crypt.h"
-#include "php_rand.h"
+#include "php_random.h"
/* sha512 crypt has the maximal salt length of 123 characters */
#define PHP_MAX_SALT_LEN 123
-#define PHP_CRYPT_RAND php_rand()
-
/* Used to check DES salts to ensure that they contain only valid characters */
#define IS_VALID_SALT_CHARACTER(c) (((c) >= '.' && (c) <= '9') || ((c) >= 'A' && (c) <= 'Z') || ((c) >= 'a' && (c) <= 'z'))
@@ -266,9 +263,8 @@ PHP_FUNCTION(crypt)
/* The automatic salt generation covers standard DES, md5-crypt and Blowfish (simple) */
if (!*salt) {
- strncpy(salt, "$1$", PHP_MAX_SALT_LEN);
- php_to64(&salt[3], PHP_CRYPT_RAND, 4);
- php_to64(&salt[7], PHP_CRYPT_RAND, 4);
+ strncpy(salt, "$1$", 3);
+ php_random_bytes_throw(&salt[3], 8);
strncpy(&salt[11], "$", PHP_MAX_SALT_LEN - 11);
salt_in_len = strlen(salt);
} else {
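Review bot: The eight bytes written by `php_random_bytes_throw(&salt[3], 8)` are raw random octets, not characters from the salt alphabet, so the md5-crypt salt built here can contain bytes outside the `./0-9A-Za-z` set that `IS_VALID_SALT_CHARACTER` accepts, and an embedded NUL makes the `salt_in_len = strlen(salt)` on the following line stop early, yielding a short or malformed salt; the removed `php_to64` calls performed exactly this encoding step. Map each byte onto the 64-character set before the trailing `$` is appended, e.g. with a loop over the eight positions doing `salt[3 + i] = itoa64[salt[3 + i] & 0x3f];` against a `static const char itoa64[]` holding `./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz`. The return value of `php_random_bytes_throw` is also discarded; if it fails (and throws), execution appears to continue into crypt with whatever `salt[3..10]` held, so the failure should be checked and the function should return. The enclosing `PHP_FUNCTION(crypt)` begins and ends outside the hunk.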