From c081ce628f0d76d44784d7bb8e06428b06142ac0 Mon Sep 17 00:00:00 2001 From: Xinchen Hui Date: Fri, 3 Jan 2014 11:08:10 +0800 Subject: Bump year --- ext/standard/php_crypt_r.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ext/standard/php_crypt_r.c') diff --git a/ext/standard/php_crypt_r.c b/ext/standard/php_crypt_r.c index 8497994625..3098f247ef 100644 --- a/ext/standard/php_crypt_r.c +++ b/ext/standard/php_crypt_r.c @@ -3,7 +3,7 @@ +----------------------------------------------------------------------+ | PHP Version 5 | +----------------------------------------------------------------------+ - | Copyright (c) 1997-2013 The PHP Group | + | Copyright (c) 1997-2014 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.01 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | -- cgit v1.2.1 From 8d075b6e4dbf4599e7d26aa3f7043e81089ca078 Mon Sep 17 00:00:00 2001 From: Anatol Belski Date: Sun, 14 Sep 2014 11:48:51 +0200 Subject: better way to zero away sensitive data memset could be optimized away by the compiler --- ext/standard/php_crypt_r.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'ext/standard/php_crypt_r.c') diff --git a/ext/standard/php_crypt_r.c b/ext/standard/php_crypt_r.c index 3098f247ef..4917ebce2f 100644 --- a/ext/standard/php_crypt_r.c +++ b/ext/standard/php_crypt_r.c @@ -206,7 +206,7 @@ char * php_md5_crypt_r(const char *pw, const char *salt, char *out) { } /* Don't leave anything around in vm they could use. */ - memset(final, 0, sizeof(final)); + RtlSecureZeroMemory(final, sizeof(final)); /* Then something really weird... */ for (i = pwl; i != 0; i >>= 1) { @@ -288,7 +288,7 @@ char * php_md5_crypt_r(const char *pw, const char *salt, char *out) { *p = '\0'; - memset(final, 0, sizeof(final)); + RtlSecureZeroMemory(final, sizeof(final)); _destroyCtx1: -- cgit v1.2.1 From c45f4f546180d5d4fa83bfcdaad94ec52c9cc274 Mon Sep 17 00:00:00 2001 From: Anatol Belski Date: Fri, 19 Sep 2014 01:46:14 +0200 Subject: generalized the case with secure memory zeroing --- ext/standard/php_crypt_r.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'ext/standard/php_crypt_r.c') diff --git a/ext/standard/php_crypt_r.c b/ext/standard/php_crypt_r.c index 4917ebce2f..da0e87bc1c 100644 --- a/ext/standard/php_crypt_r.c +++ b/ext/standard/php_crypt_r.c @@ -206,7 +206,7 @@ char * php_md5_crypt_r(const char *pw, const char *salt, char *out) { } /* Don't leave anything around in vm they could use. */ - RtlSecureZeroMemory(final, sizeof(final)); + ZEND_SECURE_ZERO(final, sizeof(final)); /* Then something really weird... */ for (i = pwl; i != 0; i >>= 1) { @@ -288,7 +288,7 @@ char * php_md5_crypt_r(const char *pw, const char *salt, char *out) { *p = '\0'; - RtlSecureZeroMemory(final, sizeof(final)); + ZEND_SECURE_ZERO(final, sizeof(final)); _destroyCtx1: -- cgit v1.2.1 From d0cb715373c3fbe9dc095378ec5ed8c71f799f67 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Johannes=20Schl=C3=BCter?= Date: Fri, 19 Sep 2014 18:33:14 +0200 Subject: s/PHP 5/PHP 7/ --- ext/standard/php_crypt_r.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ext/standard/php_crypt_r.c') diff --git a/ext/standard/php_crypt_r.c b/ext/standard/php_crypt_r.c index da0e87bc1c..dc4e27b112 100644 --- a/ext/standard/php_crypt_r.c +++ b/ext/standard/php_crypt_r.c @@ -1,7 +1,7 @@ /* $Id$ */ /* +----------------------------------------------------------------------+ - | PHP Version 5 | + | PHP Version 7 | +----------------------------------------------------------------------+ | Copyright (c) 1997-2014 The PHP Group | +----------------------------------------------------------------------+ -- cgit v1.2.1