Hi!
On 7/19/11 4:44 PM, Solar Designer wrote:
Hi,
These tests fail in trunk on my x86_64 build:
crypt_sha256.phpt
crypt_variation1.phpt
The differences are like this:
Expected:<$5$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5>
Got<$5$saltst$JTS/fkywz8NvjeCGmWDndJPi7ZrRFhQKBLNtQZWE2C3>
That is, the salts are truncated. There's a relevant recent change in
crypt.c involving the line:
Yes, we had buffer overflow error there since the buffer salt[] was
PHP_MAX_SALT_LEN+1 but if salt was longer salt[salt_in_len] later wrote
0 into bad place.
But for SHA max salt len should be something like 123, so I wonder how
comes it got truncated in that case.
--
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/
(408)454-6900 ext. 227
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
