diff options
author | Anatol Belski <ab@php.net> | 2017-07-17 08:00:41 +0200 |
---|---|---|
committer | Anatol Belski <ab@php.net> | 2017-07-17 08:01:26 +0200 |
commit | 6e4f3d1967a8e7ab858262c5515e67b2f8912320 (patch) | |
tree | 3b50b8a5059048b8292b6e0d17373f7c3328d158 /ext/standard/password.c | |
parent | 9780d16376803744c77135e0a6ae149e88954dc4 (diff) | |
download | php-git-6e4f3d1967a8e7ab858262c5515e67b2f8912320.tar.gz |
fix new password related pieces wrt failing tests
Diffstat (limited to 'ext/standard/password.c')
-rw-r--r-- | ext/standard/password.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/ext/standard/password.c b/ext/standard/password.c index 0e8efb6244..680eed47a8 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -341,7 +341,7 @@ PHP_FUNCTION(password_verify) } /* }}} */ -static zend_string* php_password_get_salt(zval *return_value, int required_salt_len, HashTable *options) { +static zend_string* php_password_get_salt(zval *return_value, size_t required_salt_len, HashTable *options) { zend_string *buffer; zval *option_buffer; @@ -377,7 +377,7 @@ static zend_string* php_password_get_salt(zval *return_value, int required_salt_ /* XXX all the crypt related APIs work with int for string length. That should be revised for size_t and then we maybe don't require the > INT_MAX check. */ - if (ZSTR_LEN(buffer) > INT_MAX) { + if (ZEND_SIZE_T_INT_OVFL(ZSTR_LEN(buffer))) { php_error_docref(NULL, E_WARNING, "Supplied salt is too long"); zend_string_release(buffer); return NULL; @@ -443,8 +443,8 @@ PHP_FUNCTION(password_hash) RETURN_NULL(); } - hash_format_len = snprintf(hash_format, sizeof(hash_format), "$2y$%02ld$", (long) cost); - if (!(salt = php_password_get_salt(return_value, 22, options))) { + hash_format_len = snprintf(hash_format, sizeof(hash_format), "$2y$%02" ZEND_LONG_FMT_SPEC "$", cost); + if (!(salt = php_password_get_salt(return_value, Z_UL(22), options))) { return; } ZSTR_VAL(salt)[ZSTR_LEN(salt)] = 0; @@ -510,7 +510,7 @@ PHP_FUNCTION(password_hash) RETURN_NULL(); } - if (!(salt = php_password_get_salt(return_value, 16, options))) { + if (!(salt = php_password_get_salt(return_value, Z_UL(16), options))) { return; } |