author | Leigh <leigh@php.net> | 2016-07-05 16:02:34 +0100 |
---|---|---|
committer | Leigh <leigh@php.net> | 2016-07-05 16:02:34 +0100 |
commit | b21de28bb70117d9bfe73efeb7d6bb5691b043e5 (patch) | |
tree | 7c3657d3cdc3a34cd0b7bdfdb92db09fca180b3a /ext/standard/crypt.c | |
parent | 6d6ef7aacc7f9b17709d2f93b70b359c75011f89 (diff) | |
Fix some insecure usages of php_rand
Diffstat (limited to 'ext/standard/crypt.c')
-rw-r--r-- | ext/standard/crypt.c | 10 |
1 files changed, 3 insertions, 7 deletions
diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c
index 9249d9d96b..3604e19b02 100644
--- a/ext/standard/crypt.c
+++ b/ext/standard/crypt.c
@@ -54,15 +54,12 @@
 #include <process.h>
 #endif
-#include "php_lcg.h"
 #include "php_crypt.h"
-#include "php_rand.h"
+#include "php_random.h"
 /* sha512 crypt has the maximal salt length of 123 characters */
 #define PHP_MAX_SALT_LEN 123
-#define PHP_CRYPT_RAND php_rand()
-
 /* Used to check DES salts to ensure that they contain only valid characters */
 #define IS_VALID_SALT_CHARACTER(c) (((c) >= '.' && (c) <= '9') || ((c) >= 'A' && (c) <= 'Z') || ((c) >= 'a' && (c) <= 'z'))
@@ -266,9 +263,8 @@ PHP_FUNCTION(crypt)
 	/* The automatic salt generation covers standard DES, md5-crypt and Blowfish (simple) */
 	if (!*salt) {
-		strncpy(salt, "$1$", PHP_MAX_SALT_LEN);
-		php_to64(&salt[3], PHP_CRYPT_RAND, 4);
-		php_to64(&salt[7], PHP_CRYPT_RAND, 4);
+		strncpy(salt, "$1$", 3);
+		php_random_bytes_throw(&salt[3], 8);
 		strncpy(&salt[11], "$", PHP_MAX_SALT_LEN - 11);
 		salt_in_len = strlen(salt);
 	} else { |
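Review bot: The new `php_random_bytes_throw(&salt[3], 8)` writes eight raw random bytes into the salt where the removed `php_to64` calls produced characters from the crypt salt alphabet, so any '\0' or '$' among those bytes silently shortens the salt: `salt_in_len = strlen(salt)` on the next context line stops at the first NUL, and an md5-crypt salt parser that ends at '$' would see fewer than eight salt characters, which reduces the salt's effective entropy rather than increasing it. The return value of `php_random_bytes_throw` is also discarded; when it fails it raises an exception but this code continues and hands the partly uninitialised buffer to the crypt call, so the call should be checked and the function should return on failure. Keeping the encoding step while sourcing the bits from the CSPRNG preserves the old salt format and the intent of the commit; a sketch is below. `PHP_FUNCTION(crypt)` begins and ends outside this hunk, so the surrounding declarations and the later crypt call are not visible here.
```c
	if (!*salt) {
		zend_long r[2];
		strncpy(salt, "$1$", 3);
		if (php_random_bytes_throw(r, sizeof r) == FAILURE) {
			return;
		}
		/* Encode through the salt alphabet so the salt never contains '\0' or '$'. */
		php_to64(&salt[3], r[0], 4);
		php_to64(&salt[7], r[1], 4);
		/* … unchanged: terminating '$' and salt_in_len … */
```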