diff options
author | Nikita Popov <nikic@php.net> | 2012-06-29 12:47:37 +0200 |
---|---|---|
committer | Nikita Popov <nikic@php.net> | 2012-06-29 13:11:43 +0200 |
commit | e6cf7d774519300c08399cae5bfba90e33749727 (patch) | |
tree | 8f8dc0c5e4e1b63522279c20d51b18470dfd9c6b /ext/standard/dns_win32.c | |
parent | 7e8276ca68fc622124d51d18e4f7b5cde3536de4 (diff) | |
download | php-git-e6cf7d774519300c08399cae5bfba90e33749727.tar.gz |
Fix some lengths in crypt()
Use salt_len_in instead of strlen(salt) or PHP_MAX_SALT_LEN, otherwise too
much memory will be allocated.
sha512 has a 86 character checksum, not 43. That probably was a copy&paste
from the sha256 code which indeed has 43.
The allocation also was using sizeof(char *), thus allocating 4 or 8 times
as much memory as necessary. The sizeof(char *) was removed in the 5.4
branch in b7a92c9 but forgotten on 5.3.
The memset 0 call was using PHP_MAX_SALT_LEN which can be smaller than the
output buffer and thus not zeroing out everything. Use the size of the
output buffer (needed) instead.
Diffstat (limited to 'ext/standard/dns_win32.c')
0 files changed, 0 insertions, 0 deletions