diff options
| -rw-r--r-- | NEWS | 4 | ||||
| -rw-r--r-- | ext/hash/hash.c | 3 | ||||
| -rw-r--r-- | ext/hash/tests/bug64745.phpt | 17 |
3 files changed, 24 insertions, 0 deletions
@@ -5,6 +5,10 @@ PHP NEWS -FPM: . Fixed Bug #64915 (error_log ignored when daemonize=0). (Remi) +- Hash: + . Fixed Bug #64745 (hash_pbkdf2() truncates data when using default length + and hex output). (Anthony Ferrara) + 23 May 2013, PHP 5.5.0 Release Candidate 2 - Core: diff --git a/ext/hash/hash.c b/ext/hash/hash.c index 9492387dbb..9cede14125 100644 --- a/ext/hash/hash.c +++ b/ext/hash/hash.c @@ -659,6 +659,9 @@ PHP_FUNCTION(hash_pbkdf2) /* Setup Main Loop to build a long enough result */ if (length == 0) { length = ops->digest_size; + if (!raw_output) { + length = length * 2; + } } digest_length = length; if (!raw_output) { diff --git a/ext/hash/tests/bug64745.phpt b/ext/hash/tests/bug64745.phpt new file mode 100644 index 0000000000..427f89b728 --- /dev/null +++ b/ext/hash/tests/bug64745.phpt @@ -0,0 +1,17 @@ +--TEST-- +Bug #64745 hash_pbkdf2() truncates data when using default length and hex output +--SKIPIF-- +<?php extension_loaded('hash') or die('skip'); ?> +--FILE-- +<?php +$hash = hash_pbkdf2('sha1', 'password', 'salt', 1, 0); +$rawHash = hash_pbkdf2('sha1', 'password', 'salt', 1, 0, true); + +var_dump($hash); +var_dump(bin2hex($rawHash)); + +?> +--EXPECT-- +string(40) "0c60c80f961f0e71f3a9b524af6012062fe037a6" +string(40) "0c60c80f961f0e71f3a9b524af6012062fe037a6" + |