[PHP-CVS] com php-src: Fix return types of password API helper functions.: NEWS ext/standard/password.c

2013-08-21 Thread Anthony Ferrara
Commit:    83e3466898abcde99d0bd0b3dadc43b416e5cde6
Author:    Anthony Ferrara ircmax...@gmail.com    Wed, 21 Aug 2013 12:10:40 -0400
Parents:   4283f75c347a105e53ae38fc96e614671df53f1b
Branches:  PHP-5.5 master

Link:      http://git.php.net/?p=php-src.git;a=commitdiff;h=83e3466898abcde99d0bd0b3dadc43b416e5cde6

Log:
Fix return types of password API helper functions.

This fixes issues that were found during static analysis by cjones where 
failure was impossible to detect due to return type mangling (casting an int to 
a char, then comparing to an int).

Changed paths:
  M  NEWS
  M  ext/standard/password.c


Diff:
diff --git a/NEWS b/NEWS
index 1902520..75a0b3c 100644
--- a/NEWS
+++ b/NEWS
@@ -21,6 +21,10 @@ PHP  
  NEWS
   . Fixed bug #51127/#65359 Request #25630/#43980/#54383 (Added php_serialize 
 session serialize handler that uses plain serialize()). (Yasuo)
 
+- Standard:
+  . Fix issue with return types of password API helper functions. Found via 
static
+analysis by cjones. (Anthony Ferrara) 
+
 22 Aug 2013, PHP 5.5.3
 
 - Openssl:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 2127991..ca85203 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -66,20 +66,20 @@ static php_password_algo php_password_determine_algo(const 
char *hash, const siz
return PHP_PASSWORD_UNKNOWN;
 }
 
-static zend_bool php_password_salt_is_alphabet(const char *str, const size_t 
len) /* {{{ */
+static int php_password_salt_is_alphabet(const char *str, const size_t len) /* 
{{{ */
 {
size_t i = 0;
 
for (i = 0; i  len; i++) {
if (!((str[i] = 'A'  str[i] = 'Z') || (str[i] = 'a'  
str[i] = 'z') || (str[i] = '0'  str[i] = '9') || str[i] == '.' || str[i] 
== '/')) {
-   return 0;
+   return FAILURE;
}
}
-   return 1;
+   return SUCCESS;
 }
 /* }}} */
 
-static zend_bool php_password_salt_to64(const char *str, const size_t str_len, 
const size_t out_len, char *ret) /* {{{ */
+static int php_password_salt_to64(const char *str, const size_t str_len, const 
size_t out_len, char *ret) /* {{{ */
 {
size_t pos = 0;
size_t ret_len = 0;
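Review bot: `php_password_salt_is_alphabet` keeps a predicate-style name but, after this signature change, reports a valid salt as `SUCCESS` and an invalid one as `FAILURE`. `SUCCESS` is 0 in the Zend headers, so a future caller that writes `if (php_password_salt_is_alphabet(...))` gets the inverted answer. The removed `return 0;` / `return 1;` with a `0 ==` caller was not the mangled case, so either keep this one helper as a 0/1 predicate or add a comment on the declaration saying it returns a status code that must be compared against `SUCCESS`/`FAILURE`.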
@@ -108,7 +108,7 @@ static zend_bool php_password_salt_to64(const char *str, 
const size_t str_len, c
 }
 /* }}} */
 
-static zend_bool php_password_make_salt(size_t length, char *ret TSRMLS_DC) /* 
{{{ */
+static int php_password_make_salt(size_t length, char *ret TSRMLS_DC) /* {{{ */
 {
int buffer_valid = 0;
size_t i, raw_length;
@@ -395,7 +395,7 @@ PHP_FUNCTION(password_hash)
efree(buffer);
php_error_docref(NULL TSRMLS_CC, E_WARNING, Provided 
salt is too short: %lu expecting %lu, (unsigned long) buffer_len, (unsigned 
long) required_salt_len);
RETURN_NULL();
-   } else if (0 == php_password_salt_is_alphabet(buffer, 
buffer_len)) {
+   } else if (php_password_salt_is_alphabet(buffer, buffer_len) == 
FAILURE) {
salt = safe_emalloc(required_salt_len, 1, 1);
if (php_password_salt_to64(buffer, buffer_len, 
required_salt_len, salt) == FAILURE) {
efree(hash_format);
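Review bot: the rewritten test `php_password_salt_is_alphabet(buffer, buffer_len) == FAILURE` is the only call site touched, and the changed paths list no test file. Since the return-type change alters which failures `password_hash()` can actually see, add a .phpt case that goes through this user-supplied-salt branch (a salt of sufficient length containing characters outside the alphabet) so the behaviour is pinned.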


--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
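The failure mode named in the log message above (an int status cast to a char-sized type, then compared to an int), as an added example that is not code from php-src. `zend_bool`, `SUCCESS` and `FAILURE` are redefined locally on the assumption that they mirror the Zend Engine definitions (unsigned char, 0, -1); the function names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Local stand-ins (assumption of this example): zend_bool is an unsigned
 * char, SUCCESS is 0 and FAILURE is -1, as in the Zend Engine headers. */
typedef unsigned char zend_bool;
#define SUCCESS 0
#define FAILURE (-1)

/* 1 if c belongs to the salt alphabet ./0-9A-Za-z, else 0. */
static int in_salt_alphabet(char c)
{
    return (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z') ||
           (c >= '0' && c <= '9') || c == '.' || c == '/';
}

/* Before: a status code returned through a char-sized type.
 * FAILURE (-1) is converted to unsigned char and comes back as 255. */
static zend_bool salt_status_as_bool(const char *salt, size_t len)
{
    size_t i;
    for (i = 0; i < len; i++) {
        if (!in_salt_alphabet(salt[i])) {
            return (zend_bool) FAILURE;
        }
    }
    return SUCCESS;
}

/* After: the same check with an int return, so -1 survives intact. */
static int salt_status_as_int(const char *salt, size_t len)
{
    size_t i;
    for (i = 0; i < len; i++) {
        if (!in_salt_alphabet(salt[i])) {
            return FAILURE;
        }
    }
    return SUCCESS;
}

/* Caller-side test in the style "helper(...) == FAILURE".
 * The unsigned char result is promoted to int 255, never -1. */
static int caller_sees_failure_bool(const char *salt, size_t len)
{
    int status = salt_status_as_bool(salt, len);
    return status == FAILURE;
}

/* Same caller-side test against the int-returning helper. */
static int caller_sees_failure_int(const char *salt, size_t len)
{
    int status = salt_status_as_int(salt, len);
    return status == FAILURE;
}

int main(void)
{
    /* Constructed sample salts: one valid, one with a '$' outside the alphabet. */
    const char good[] = "abcDEF./09";
    const char bad[]  = "abc$def";

    printf("valid salt:   bool-typed caller sees failure=%d, int-typed=%d\n",
           caller_sees_failure_bool(good, sizeof(good) - 1),
           caller_sees_failure_int(good, sizeof(good) - 1));
    printf("invalid salt: bool-typed caller sees failure=%d, int-typed=%d\n",
           caller_sees_failure_bool(bad, sizeof(bad) - 1),
           caller_sees_failure_int(bad, sizeof(bad) - 1));
    printf("raw value returned through zend_bool for the invalid salt: %d\n",
           (int) salt_status_as_bool(bad, sizeof(bad) - 1));
    return 0;
}
```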



[PHP-CVS] com php-src: Fix #64745 hash_pbkdf2 truncation issue: NEWS ext/hash/hash.c ext/hash/tests/bug64745.phpt

2013-05-28 Thread Anthony Ferrara
Commit:    540a5a52e89fce6da19d6f79dd1eda587a25b396
Author:    Anthony Ferrara ircmax...@gmail.com    Tue, 28 May 2013 15:30:45 -0400
Parents:   2f01e06786c6f4b2479fdb728bd26062d07208e0
Branches:  PHP-5.5 master

Link:      http://git.php.net/?p=php-src.git;a=commitdiff;h=540a5a52e89fce6da19d6f79dd1eda587a25b396

Log:
Fix #64745 hash_pbkdf2 truncation issue

When using hash_pbkdf2 with hex output and 0 length (auto), it incorrectly
truncates the result to 1/2 the expected result.

Bugs:
https://bugs.php.net/64745

Changed paths:
  M  NEWS
  M  ext/hash/hash.c
  A  ext/hash/tests/bug64745.phpt


Diff:
diff --git a/NEWS b/NEWS
index b9a2226..d2d8aae 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,10 @@ PHP
NEWS
 -FPM:
   . Fixed Bug #64915 (error_log ignored when daemonize=0). (Remi)
 
+- Hash:
+  . Fixed Bug #64745 (hash_pbkdf2() truncates data when using default length
+and hex output). (Anthony Ferrara)
+
 23 May 2013, PHP 5.5.0 Release Candidate 2
 
 - Core:
diff --git a/ext/hash/hash.c b/ext/hash/hash.c
index 9492387..9cede14 100644
--- a/ext/hash/hash.c
+++ b/ext/hash/hash.c
@@ -659,6 +659,9 @@ PHP_FUNCTION(hash_pbkdf2)
/* Setup Main Loop to build a long enough result */
if (length == 0) {
length = ops-digest_size;
+   if (!raw_output) {
+   length = length * 2;
+   }
}
digest_length = length;
if (!raw_output) {
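Review bot: the added `length = length * 2;` under `if (!raw_output)` carries no comment explaining the doubling. State beside it that with hex output `length` counts hex characters, two per digest byte, so the automatic default has to be twice `digest_size`; without that the new block looks arbitrary next to the second `if (!raw_output)` that follows `digest_length = length;`.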
diff --git a/ext/hash/tests/bug64745.phpt b/ext/hash/tests/bug64745.phpt
new file mode 100644
index 000..427f89b
--- /dev/null
+++ b/ext/hash/tests/bug64745.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Bug #64745 hash_pbkdf2() truncates data when using default length and hex 
output
+--SKIPIF--
+?php extension_loaded('hash') or die('skip'); ?
+--FILE--
+?php
+$hash = hash_pbkdf2('sha1', 'password', 'salt', 1, 0);
+$rawHash = hash_pbkdf2('sha1', 'password', 'salt', 1, 0, true);
+
+var_dump($hash);
+var_dump(bin2hex($rawHash));
+
+?
+--EXPECT--
+string(40) 0c60c80f961f0e71f3a9b524af6012062fe037a6
+string(40) 0c60c80f961f0e71f3a9b524af6012062fe037a6
+
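Review bot: the test only exercises `sha1` with the automatic length (`0`). Add one call with an explicit non-zero length in hex mode and assert its output too, so the test shows that the fix changes the default only and leaves caller-chosen lengths as they were.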





[PHP-CVS] com php-src: News entry for CURL notice addition: NEWS

2012-10-25 Thread Anthony Ferrara
Commit:    c4ce96d073da66c04ebe1c74f38138d33a5e6fd4
Author:    Anthony Ferrara ircmax...@gmail.com    Thu, 25 Oct 2012 16:04:56 -0400
Parents:   f68f31f1211f4f3fe8c692269e916358110fa73d
Branches:  PHP-5.4 master

Link:      http://git.php.net/?p=php-src.git;a=commitdiff;h=c4ce96d073da66c04ebe1c74f38138d33a5e6fd4

Log:
News entry for CURL notice addition

Changed paths:
  M  NEWS


Diff:
diff --git a/NEWS b/NEWS
index 8a322a9..10694f6 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,10 @@ PHP
NEWS
 - Core:
   . Fixed bug #63305 (zend_mm_heap corrupted with traits). (Dmitry, Laruence)
 
+- Curl:
+  . Fixed bug #63363 (Curl silently accepts boolean true for SSL_VERIFYHOST).
+Patch by John Jawed GitHub PR #221 (Anthony)
+
 - Fileinfo:
   . Fixed bug #63248 (Load multiple magic files from a directory under 
Windows).
 (Anatoliy)





[PHP-CVS] com php-src: Notice if CURLOPT_SSL_VERIFYHOST is set to true: ext/curl/interface.c ext/curl/tests/bug63363.phpt

2012-10-25 Thread Anthony Ferrara
Commit:    3b85d09de7347b16024530579e46f89d587a2e18
Author:    John Jawed (JJ) ja...@php.net    Wed, 24 Oct 2012 21:47:47 -0700
Parents:   7b4a53e26344ede3534c6ce7ea5973cd4082c90e
Branches:  master

Link:      http://git.php.net/?p=php-src.git;a=commitdiff;h=3b85d09de7347b16024530579e46f89d587a2e18

Log:
Notice if CURLOPT_SSL_VERIFYHOST is set to true

Changed paths:
  M  ext/curl/interface.c
  A  ext/curl/tests/bug63363.phpt


Diff:
diff --git a/ext/curl/interface.c b/ext/curl/interface.c
index d9abece..eb7ed8d 100644
--- a/ext/curl/interface.c
+++ b/ext/curl/interface.c
@@ -2014,6 +2014,10 @@ static int _php_curl_setopt(php_curl *ch, long option, 
zval **zvalue, zval *retu
 
switch (option) {
/* Long options */
+   case CURLOPT_SSL_VERIFYHOST:
+   if(Z_TYPE_PP(zvalue)==IS_BOOL  Z_BVAL_PP(zvalue)) {
+   php_error_docref(NULL TSRMLS_CC, E_NOTICE, 
CURLOPT_SSL_VERIFYHOST set to true which disables common name validation 
(setting CURLOPT_SSL_VERIFYHOST to 2 enables common name validation));
+   }
case CURLOPT_AUTOREFERER:
case CURLOPT_BUFFERSIZE:
case CURLOPT_CLOSEPOLICY:
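Review bot: the new `case CURLOPT_SSL_VERIFYHOST:` block has no `break`, so after raising the notice it falls through into the long-option cases and the boolean is still applied; the accompanying test expects `bool(true)` from that call. If this is intended, mark it with a fall-through comment after the closing brace. Because the message itself says the value disables common name validation, also consider whether a notice is enough or whether the call should be rejected, since `E_NOTICE` is often filtered out by error_reporting settings.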
@@ -2048,7 +2052,6 @@ static int _php_curl_setopt(php_curl *ch, long option, 
zval **zvalue, zval *retu
case CURLOPT_PUT:
case CURLOPT_RESUME_FROM:
case CURLOPT_SSLVERSION:
-   case CURLOPT_SSL_VERIFYHOST:
case CURLOPT_SSL_VERIFYPEER:
case CURLOPT_TIMECONDITION:
case CURLOPT_TIMEOUT:
diff --git a/ext/curl/tests/bug63363.phpt b/ext/curl/tests/bug63363.phpt
new file mode 100644
index 000..43deaa2
--- /dev/null
+++ b/ext/curl/tests/bug63363.phpt
@@ -0,0 +1,29 @@
+--TEST--
+Bug #63363 (CURL silently accepts boolean value for SSL_VERIFYHOST)
+--SKIPIF--
+?php
+if (!extension_loaded(curl)) {
+exit(skip curl extension not loaded);
+}
+
+?
+--FILE--
+?php
+$ch = curl_init();
+var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false));
+/* Case that should throw an error */
+var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true));
+var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0));
+var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1));
+var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2));
+
+curl_close($ch);
+?
+--EXPECTF--
+bool(true)
+
+Notice: curl_setopt(): CURLOPT_SSL_VERIFYHOST set to true which disables 
common name validation (setting CURLOPT_SSL_VERIFYHOST to 2 enables common name 
validation) in %s on line %d
+bool(true)
+bool(true)
+bool(true)
+bool(true)
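Review bot: the comment `/* Case that should throw an error */` does not match the expectation below it, which is a notice followed by `bool(true)`. Reword it to say that a notice is expected and that the option is still accepted.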





[PHP-CVS] com php-src: Notice if CURLOPT_SSL_VERIFYHOST is set to true: ext/curl/interface.c ext/curl/tests/bug63363.phpt

2012-10-25 Thread Anthony Ferrara
Commit:    f68f31f1211f4f3fe8c692269e916358110fa73d
Author:    John Jawed (JJ) ja...@php.net    Wed, 24 Oct 2012 21:47:47 -0700
Committer: Anthony Ferrara ircmax...@gmail.com    Thu, 25 Oct 2012 16:00:02 -0400
Parents:   0737be7e7baf1fece1683ca9f33064733d8b3514
Branches:  PHP-5.4 master

Link:      http://git.php.net/?p=php-src.git;a=commitdiff;h=f68f31f1211f4f3fe8c692269e916358110fa73d

Log:
Notice if CURLOPT_SSL_VERIFYHOST is set to true

Changed paths:
  M  ext/curl/interface.c
  A  ext/curl/tests/bug63363.phpt


Diff:
diff --git a/ext/curl/interface.c b/ext/curl/interface.c
index d75e5c0..00dbfd3 100644
--- a/ext/curl/interface.c
+++ b/ext/curl/interface.c
@@ -1683,6 +1683,11 @@ static int _php_curl_setopt(php_curl *ch, long option, 
zval **zvalue, zval *retu
CURLcode error=CURLE_OK;
 
switch (option) {
+   /* Long options */
+   case CURLOPT_SSL_VERIFYHOST:
+   if(Z_TYPE_PP(zvalue)==IS_BOOL  Z_BVAL_PP(zvalue)) {
+   php_error_docref(NULL TSRMLS_CC, E_NOTICE, 
CURLOPT_SSL_VERIFYHOST set to true which disables common name validation 
(setting CURLOPT_SSL_VERIFYHOST to 2 enables common name validation));
+   }
case CURLOPT_INFILESIZE:
case CURLOPT_VERBOSE:
case CURLOPT_HEADER:
@@ -1721,7 +1726,6 @@ static int _php_curl_setopt(php_curl *ch, long option, 
zval **zvalue, zval *retu
 #if LIBCURL_VERSION_NUM  0x071002
case CURLOPT_CONNECTTIMEOUT_MS:
 #endif
-   case CURLOPT_SSL_VERIFYHOST:
case CURLOPT_SSL_VERIFYPEER:
case CURLOPT_DNS_USE_GLOBAL_CACHE:
case CURLOPT_NOSIGNAL:
diff --git a/ext/curl/tests/bug63363.phpt b/ext/curl/tests/bug63363.phpt
new file mode 100644
index 000..43deaa2
--- /dev/null
+++ b/ext/curl/tests/bug63363.phpt
@@ -0,0 +1,29 @@
+--TEST--
+Bug #63363 (CURL silently accepts boolean value for SSL_VERIFYHOST)
+--SKIPIF--
+?php
+if (!extension_loaded(curl)) {
+exit(skip curl extension not loaded);
+}
+
+?
+--FILE--
+?php
+$ch = curl_init();
+var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false));
+/* Case that should throw an error */
+var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true));
+var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0));
+var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1));
+var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2));
+
+curl_close($ch);
+?
+--EXPECTF--
+bool(true)
+
+Notice: curl_setopt(): CURLOPT_SSL_VERIFYHOST set to true which disables 
common name validation (setting CURLOPT_SSL_VERIFYHOST to 2 enables common name 
validation) in %s on line %d
+bool(true)
+bool(true)
+bool(true)
+bool(true)
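Review bot: the expected output contains a single notice, for the boolean `true` call; `curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1)` is expected to return `bool(true)` silently. The `IS_BOOL` check in interface.c only catches the boolean form, so if integer 1 is meant to stay silent, say so in a comment in this test; if it is not, both the check and this expectation need extending.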





[PHP-CVS] com php-src: Merging in Password Hashing API into master: NEWS

2012-10-16 Thread Anthony Ferrara
Commit:    9aacdf6e892fe46526e1e60a3b3fea1b1c350699
Author:    Anthony Ferrara ircmax...@gmail.com    Tue, 16 Oct 2012 04:11:37 -0400
Parents:   ccf749e38d1c05ab50d30781b47e55786d571585 0bc9ca39ced4128c3b9fb1ba2ac797d342e7eef2
Branches:  master

Link:      http://git.php.net/?p=php-src.git;a=commitdiff;h=9aacdf6e892fe46526e1e60a3b3fea1b1c350699

Log:
Merging in Password Hashing API into master

This implements the accepted RFC password_hash 
https://wiki.php.net/rfc/password_hash

Changed paths:
  MM  NEWS


Diff:
diff --cc NEWS
index 41ab1bb,08045fc..2ad1fa7
--- a/NEWS
+++ b/NEWS
@@@ -3,8 -3,8 +3,10 @@@ PH
  ?? ??? 201?, PHP 5.5.0
  
  - General improvements:
+   . Add simplified password hashing API 
+ (https://wiki.php.net/rfc/password_hash). (Anthony Ferrara)
 +  . Add generators and coroutines (https://wiki.php.net/rfc/generators).
 +(Nikita Popov)
. Support list in foreach (https://wiki.php.net/rfc/foreachlist). (Laruence)
. Implemented 'finally' keyword (https://wiki.php.net/rfc/finally). 
(Laruence)
. Drop Windows XP and 2003 support. (Pierre)





[PHP-CVS] com php-src: Refactor to using a stack based zval instead of dynamic allocation: ext/standard/password.c

2012-10-16 Thread Anthony Ferrara
Commit:    0bc9ca39ced4128c3b9fb1ba2ac797d342e7eef2
Author:    Anthony Ferrara ircmax...@gmail.com    Sun, 7 Oct 2012 05:42:08 -0400
Parents:   37b2207f66ac1cebdc3ff3f7f88ec319ee893292
Branches:  master

Link:      http://git.php.net/?p=php-src.git;a=commitdiff;h=0bc9ca39ced4128c3b9fb1ba2ac797d342e7eef2

Log:
Refactor to using a stack based zval instead of dynamic allocation

Changed paths:
  M  ext/standard/password.c


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 3507183..266ad0a 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -245,12 +245,11 @@ PHP_FUNCTION(password_needs_rehash)

if (options  zend_symtable_find(options, 
cost, sizeof(cost), (void **) option_buffer) == SUCCESS) {
if (Z_TYPE_PP(option_buffer) != 
IS_LONG) {
-   zval *cast_option_buffer;
-   ALLOC_ZVAL(cast_option_buffer);
-   MAKE_COPY_ZVAL(option_buffer, 
cast_option_buffer);
-   
convert_to_long(cast_option_buffer);
-   new_cost = 
Z_LVAL_P(cast_option_buffer);
-   
zval_ptr_dtor(cast_option_buffer);
+   zval cast_option_buffer;
+   MAKE_COPY_ZVAL(option_buffer, 
cast_option_buffer);
+   
convert_to_long(cast_option_buffer);
+   new_cost = 
Z_LVAL(cast_option_buffer);
+   zval_dtor(cast_option_buffer);
} else {
new_cost = 
Z_LVAL_PP(option_buffer);
}
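Review bot: the copy, convert, read, destroy sequence added here (`MAKE_COPY_ZVAL`, `convert_to_long`, `Z_LVAL`, `zval_dtor`) is repeated in the `password_hash` hunk below with only the destination variable changed. A small static helper that takes `option_buffer` and returns the long would leave one place to get the copy and cleanup right, which matters given that the other commits to this file in this thread are all fixes to this same cleanup.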
@@ -326,12 +325,11 @@ PHP_FUNCTION(password_hash)

if (options  zend_symtable_find(options, cost, 5, 
(void **) option_buffer) == SUCCESS) {
if (Z_TYPE_PP(option_buffer) != IS_LONG) {
-   zval *cast_option_buffer;
-   ALLOC_ZVAL(cast_option_buffer);
-   MAKE_COPY_ZVAL(option_buffer, 
cast_option_buffer);
-   convert_to_long(cast_option_buffer);
-   cost = Z_LVAL_P(cast_option_buffer);
-   zval_ptr_dtor(cast_option_buffer);
+   zval cast_option_buffer;
+   MAKE_COPY_ZVAL(option_buffer, 
cast_option_buffer);
+   convert_to_long(cast_option_buffer);
+   cost = Z_LVAL(cast_option_buffer);
+   zval_dtor(cast_option_buffer);
} else {
cost = Z_LVAL_PP(option_buffer);
}
@@ -366,17 +364,16 @@ PHP_FUNCTION(password_hash)
case IS_LONG:
case IS_DOUBLE:
case IS_OBJECT: {
-   zval *cast_option_buffer;
-   ALLOC_ZVAL(cast_option_buffer);
-   MAKE_COPY_ZVAL(option_buffer, 
cast_option_buffer);
-   convert_to_string(cast_option_buffer);
-   if (Z_TYPE_P(cast_option_buffer) == IS_STRING) {
-   buffer = 
estrndup(Z_STRVAL_P(cast_option_buffer), Z_STRLEN_P(cast_option_buffer));
-   buffer_len_int = 
Z_STRLEN_P(cast_option_buffer);
-   zval_ptr_dtor(cast_option_buffer);
+   zval cast_option_buffer;
+   MAKE_COPY_ZVAL(option_buffer, 
cast_option_buffer);
+   convert_to_string(cast_option_buffer);
+   if (Z_TYPE(cast_option_buffer) == IS_STRING) {
+   buffer = 
estrndup(Z_STRVAL(cast_option_buffer), Z_STRLEN(cast_option_buffer));
+   buffer_len_int = 
Z_STRLEN(cast_option_buffer);
+   zval_dtor(cast_option_buffer);
break;
}
-   zval_ptr_dtor(cast_option_buffer);
+   zval_dtor(cast_option_buffer);
}
case IS_BOOL:
case IS_NULL:
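Review bot: when `convert_to_string` does not produce `IS_STRING`, control leaves the `case IS_OBJECT: { ... }` block after the final `zval_dtor(cast_option_buffer);` and drops into `case IS_BOOL:` / `case IS_NULL:` with no `break`. Add a fall-through comment after the closing brace so a later reader does not "fix" it by adding one.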



[PHP-CVS] com php-src: Clean up unreported memory leak by switching to zval_ptr_dtor: ext/standard/password.c

2012-10-16 Thread Anthony Ferrara
Commit:    37b2207f66ac1cebdc3ff3f7f88ec319ee893292
Author:    Anthony Ferrara ircmax...@gmail.com    Sun, 7 Oct 2012 05:12:02 -0400
Parents:   76e83f769ff5929b45cf0ac666335ce68ada166f
Branches:  master

Link:      http://git.php.net/?p=php-src.git;a=commitdiff;h=37b2207f66ac1cebdc3ff3f7f88ec319ee893292

Log:
Clean up unreported memory leak by switching to zval_ptr_dtor

Changed paths:
  M  ext/standard/password.c


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 70004a9..3507183 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -250,7 +250,7 @@ PHP_FUNCTION(password_needs_rehash)
MAKE_COPY_ZVAL(option_buffer, 
cast_option_buffer);

convert_to_long(cast_option_buffer);
new_cost = 
Z_LVAL_P(cast_option_buffer);
-   zval_dtor(cast_option_buffer);
+   
zval_ptr_dtor(cast_option_buffer);
} else {
new_cost = 
Z_LVAL_PP(option_buffer);
}
@@ -331,7 +331,7 @@ PHP_FUNCTION(password_hash)
MAKE_COPY_ZVAL(option_buffer, 
cast_option_buffer);
convert_to_long(cast_option_buffer);
cost = Z_LVAL_P(cast_option_buffer);
-   zval_dtor(cast_option_buffer);
+   zval_ptr_dtor(cast_option_buffer);
} else {
cost = Z_LVAL_PP(option_buffer);
}
@@ -373,10 +373,10 @@ PHP_FUNCTION(password_hash)
if (Z_TYPE_P(cast_option_buffer) == IS_STRING) {
buffer = 
estrndup(Z_STRVAL_P(cast_option_buffer), Z_STRLEN_P(cast_option_buffer));
buffer_len_int = 
Z_STRLEN_P(cast_option_buffer);
-   zval_dtor(cast_option_buffer);
+   zval_ptr_dtor(cast_option_buffer);
break;
}
-   zval_dtor(cast_option_buffer);
+   zval_ptr_dtor(cast_option_buffer);
}
case IS_BOOL:
case IS_NULL:
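Review bot: the release of `cast_option_buffer` is written twice in this block, once before `break;` inside the `IS_STRING` check and once after it, and both copies had to be changed here. Record the outcome in a local flag, release the zval once after the `if`, then `break` on the flag; that leaves a single release call per allocation to keep correct.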





[PHP-CVS] com php-src: Really fix leaks, add test cases to prove it...: ext/standard/password.c ext/standard/tests/password/password_bcrypt_errors.phpt ext/standard/tests/password/password_hash_error.

2012-10-16 Thread Anthony Ferrara
Commit:    1751d5fabeff466f08da560caa6f9ade5a82
Author:    Anthony Ferrara ircmax...@gmail.com    Sat, 6 Oct 2012 10:38:41 -0400
Parents:   25b2d364e995fc070ae16ee34f60d25148413769
Branches:  master

Link:      http://git.php.net/?p=php-src.git;a=commitdiff;h=1751d5fabeff466f08da560caa6f9ade5a82

Log:
Really fix leaks, add test cases to prove it...

Changed paths:
  M  ext/standard/password.c
  M  ext/standard/tests/password/password_bcrypt_errors.phpt
  M  ext/standard/tests/password/password_hash_error.phpt
  M  ext/standard/tests/password/password_needs_rehash.phpt


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index af42a6f..9667fdc 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -245,9 +245,12 @@ PHP_FUNCTION(password_needs_rehash)

if (options  zend_symtable_find(options, 
cost, sizeof(cost), (void **) option_buffer) == SUCCESS) {
if (Z_TYPE_PP(option_buffer) != 
IS_LONG) {
-   
convert_to_long_ex(option_buffer);
-   new_cost = 
Z_LVAL_PP(option_buffer);
-   zval_ptr_dtor(option_buffer);
+   zval *cast_option_buffer;
+   ALLOC_ZVAL(cast_option_buffer);
+   
INIT_PZVAL_COPY(cast_option_buffer, *option_buffer);
+   
convert_to_long(cast_option_buffer);
+   new_cost = 
Z_LVAL_P(cast_option_buffer);
+   zval_dtor(cast_option_buffer);
} else {
new_cost = 
Z_LVAL_PP(option_buffer);
}
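Review bot: `cast_option_buffer` is allocated with `ALLOC_ZVAL` but released with `zval_dtor(cast_option_buffer);`, which destroys the value held in the zval and does not free the zval itself. Every non-long `cost` option therefore leaks one zval. Release the allocated copy with `zval_ptr_dtor`, or avoid the allocation altogether by using a zval on the stack.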
@@ -323,9 +326,12 @@ PHP_FUNCTION(password_hash)

if (options  zend_symtable_find(options, cost, 5, 
(void **) option_buffer) == SUCCESS) {
if (Z_TYPE_PP(option_buffer) != IS_LONG) {
-   convert_to_long_ex(option_buffer);
-   cost = Z_LVAL_PP(option_buffer);
-   zval_ptr_dtor(option_buffer);
+   zval *cast_option_buffer;
+   ALLOC_ZVAL(cast_option_buffer);
+   INIT_PZVAL_COPY(cast_option_buffer, 
*option_buffer);
+   convert_to_long(cast_option_buffer);
+   cost = Z_LVAL_P(cast_option_buffer);
+   zval_dtor(cast_option_buffer);
} else {
cost = Z_LVAL_PP(option_buffer);
}
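Review bot: `INIT_PZVAL_COPY(cast_option_buffer, *option_buffer);` copies the zval's value without duplicating what it points to, so for a string `cost` the copy and the caller's option share one buffer. `convert_to_long(cast_option_buffer);` then frees that buffer while the options array still refers to it. Use a copy that also runs the copy constructor (`MAKE_COPY_ZVAL`) before converting.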
@@ -353,27 +359,27 @@ PHP_FUNCTION(password_hash)
int buffer_len_int = 0;
size_t buffer_len;
switch (Z_TYPE_PP(option_buffer)) {
-   case IS_NULL:
case IS_STRING:
+   buffer = estrndup(Z_STRVAL_PP(option_buffer), 
Z_STRLEN_PP(option_buffer));
+   buffer_len_int = Z_STRLEN_PP(option_buffer);
+   break;
case IS_LONG:
case IS_DOUBLE:
-   case IS_BOOL:
-   case IS_OBJECT:
-   if (Z_TYPE_PP(option_buffer) == IS_STRING) {
-   buffer = Z_STRVAL_PP(option_buffer);
-   buffer_len_int = 
Z_STRLEN_PP(option_buffer);
+   case IS_OBJECT: {
+   zval *cast_option_buffer;
+   ALLOC_ZVAL(cast_option_buffer);
+   INIT_PZVAL_COPY(cast_option_buffer, 
*option_buffer);
+   convert_to_string(cast_option_buffer);
+   if (Z_TYPE_P(cast_option_buffer) == IS_STRING) {
+   buffer = 
estrndup(Z_STRVAL_P(cast_option_buffer), Z_STRLEN_P(cast_option_buffer));
+   buffer_len_int = 
Z_STRLEN_P(cast_option_buffer);
+   zval_dtor(cast_option_buffer);
break;
-   } else {
-   SEPARATE_ZVAL(option_buffer);
-   convert_to_string_ex(option_buffer);
-   if (Z_TYPE_PP(option_buffer) == 
IS_STRING

[PHP-CVS] com php-src: fix allocation and copy issue: ext/standard/password.c

2012-10-16 Thread Anthony Ferrara
Commit:    76e83f769ff5929b45cf0ac666335ce68ada166f
Author:    Anthony Ferrara ircmax...@gmail.com    Sat, 6 Oct 2012 12:33:48 -0400
Parents:   1751d5fabeff466f08da560caa6f9ade5a82
Branches:  master

Link:      http://git.php.net/?p=php-src.git;a=commitdiff;h=76e83f769ff5929b45cf0ac666335ce68ada166f

Log:
fix allocation and copy issue

Changed paths:
  M  ext/standard/password.c


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 9667fdc..70004a9 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -247,7 +247,7 @@ PHP_FUNCTION(password_needs_rehash)
if (Z_TYPE_PP(option_buffer) != 
IS_LONG) {
zval *cast_option_buffer;
ALLOC_ZVAL(cast_option_buffer);
-   
INIT_PZVAL_COPY(cast_option_buffer, *option_buffer);
+   MAKE_COPY_ZVAL(option_buffer, 
cast_option_buffer);

convert_to_long(cast_option_buffer);
new_cost = 
Z_LVAL_P(cast_option_buffer);
zval_dtor(cast_option_buffer);
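Review bot: the replacement swaps the argument order as well as the macro: `INIT_PZVAL_COPY(cast_option_buffer, *option_buffer)` took the destination first and a dereferenced source, while `MAKE_COPY_ZVAL(option_buffer, cast_option_buffer)` takes the source pointer first. A one-line comment at the first use naming which argument is the source would help, since the same change is repeated in every hunk of this patch and the reversed order is easy to misread.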
@@ -328,7 +328,7 @@ PHP_FUNCTION(password_hash)
if (Z_TYPE_PP(option_buffer) != IS_LONG) {
zval *cast_option_buffer;
ALLOC_ZVAL(cast_option_buffer);
-   INIT_PZVAL_COPY(cast_option_buffer, 
*option_buffer);
+   MAKE_COPY_ZVAL(option_buffer, 
cast_option_buffer);
convert_to_long(cast_option_buffer);
cost = Z_LVAL_P(cast_option_buffer);
zval_dtor(cast_option_buffer);
@@ -368,7 +368,7 @@ PHP_FUNCTION(password_hash)
case IS_OBJECT: {
zval *cast_option_buffer;
ALLOC_ZVAL(cast_option_buffer);
-   INIT_PZVAL_COPY(cast_option_buffer, 
*option_buffer);
+   MAKE_COPY_ZVAL(option_buffer, 
cast_option_buffer);
convert_to_string(cast_option_buffer);
if (Z_TYPE_P(cast_option_buffer) == IS_STRING) {
buffer = 
estrndup(Z_STRVAL_P(cast_option_buffer), Z_STRLEN_P(cast_option_buffer));





[PHP-CVS] com php-src: Fix issue with possible memory leak: ext/standard/password.c

2012-10-16 Thread Anthony Ferrara
Commit:    25b2d364e995fc070ae16ee34f60d25148413769
Author:    Anthony Ferrara ircmax...@gmail.com    Fri, 5 Oct 2012 15:53:40 -0400
Parents:   4a7d18c79ef956022090cf7e8159ca6d50ae2339
Branches:  master

Link:      http://git.php.net/?p=php-src.git;a=commitdiff;h=25b2d364e995fc070ae16ee34f60d25148413769

Log:
Fix issue with possible memory leak

Changed paths:
  M  ext/standard/password.c


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 87fc2c2..af42a6f 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -350,7 +350,7 @@ PHP_FUNCTION(password_hash)
 
if (options  zend_symtable_find(options, salt, 5, (void**) 
option_buffer) == SUCCESS) {
char *buffer;
-   int buffer_len_int;
+   int buffer_len_int = 0;
size_t buffer_len;
switch (Z_TYPE_PP(option_buffer)) {
case IS_NULL:
@@ -359,17 +359,20 @@ PHP_FUNCTION(password_hash)
case IS_DOUBLE:
case IS_BOOL:
case IS_OBJECT:
-   convert_to_string_ex(option_buffer);
if (Z_TYPE_PP(option_buffer) == IS_STRING) {
buffer = Z_STRVAL_PP(option_buffer);
buffer_len_int = 
Z_STRLEN_PP(option_buffer);
-   if (buffer_len_int  0) {
+   break;
+   } else {
+   SEPARATE_ZVAL(option_buffer);
+   convert_to_string_ex(option_buffer);
+   if (Z_TYPE_PP(option_buffer) == 
IS_STRING) {
+   buffer = 
Z_STRVAL_PP(option_buffer);
+   buffer_len_int = 
Z_STRLEN_PP(option_buffer);
zval_ptr_dtor(option_buffer);
-   efree(hash_format);
-   php_error_docref(NULL 
TSRMLS_CC, E_WARNING, Supplied salt is too long);
+   break;
}
-   buffer_len = (size_t) buffer_len_int;
-   break;
+   zval_ptr_dtor(option_buffer);
}
case IS_RESOURCE:
case IS_ARRAY:
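Review bot: in the new `else` branch, `buffer = Z_STRVAL_PP(option_buffer);` is followed by `zval_ptr_dtor(option_buffer);` and then `break;`, so `buffer` is used afterwards while pointing into a zval that may just have been released. The `IS_STRING` branch above has the opposite hazard of aliasing the caller's string without a copy. Duplicate the bytes (for example with `estrndup`) before releasing the zval, and free that copy on every exit path.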
@@ -378,6 +381,11 @@ PHP_FUNCTION(password_hash)
php_error_docref(NULL TSRMLS_CC, E_WARNING, 
Non-string salt parameter supplied);
RETURN_NULL();
}
+   if (buffer_len_int  0) {
+   efree(hash_format);
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, Supplied 
salt is too long);
+   }
+   buffer_len = (size_t) buffer_len_int;
if (buffer_len  required_salt_len) {
efree(hash_format);
php_error_docref(NULL TSRMLS_CC, E_WARNING, Provided 
salt is too short: %lu expecting %lu, (unsigned long) buffer_len, (unsigned 
long) required_salt_len);
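Review bot: the relocated `buffer_len_int` check frees `hash_format` and raises the "Supplied salt is too long" warning but has no `RETURN_NULL();`. Execution continues into `buffer_len = (size_t) buffer_len_int;` with `hash_format` already freed, and the code below frees it again. Add the return inside the block, as the "Non-string salt parameter supplied" path just above it does.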





[PHP-CVS] com php-src: Fix some double free issues, and more cleanup work: ext/standard/password.c

2012-10-16 Thread Anthony Ferrara
Commit:    4a7d18c79ef956022090cf7e8159ca6d50ae2339
Author:    Anthony Ferrara ircmax...@gmail.com    Fri, 5 Oct 2012 15:31:58 -0400
Parents:   8bd79d180716fc521a3f5cae4bbfa96eb6397925
Branches:  master

Link:      http://git.php.net/?p=php-src.git;a=commitdiff;h=4a7d18c79ef956022090cf7e8159ca6d50ae2339

Log:
Fix some double free issues, and more cleanup work

Changed paths:
  M  ext/standard/password.c


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index e876269..87fc2c2 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -79,7 +79,7 @@ static zend_bool php_password_salt_is_alphabet(const char 
*str, const size_t len
 }
 /* }}} */
 
-static int php_password_salt_to64(const char *str, const size_t str_len, const 
size_t out_len, char *ret) /* {{{ */
+static zend_bool php_password_salt_to64(const char *str, const size_t str_len, 
const size_t out_len, char *ret) /* {{{ */
 {
size_t pos = 0;
size_t ret_len = 0;
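Review bot: changing `php_password_salt_to64` (and `php_password_make_salt` in the next hunk) from `int` to `zend_bool` conflicts with how they are used: `php_password_make_salt` does `return FAILURE;` and the caller tests `php_password_salt_to64(...) == FAILURE`. `zend_bool` is an unsigned char, so `FAILURE` does not survive the return and that comparison can never be true. Keep `int` for functions that return `SUCCESS`/`FAILURE`.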
@@ -108,7 +108,7 @@ static int php_password_salt_to64(const char *str, const 
size_t str_len, const s
 }
 /* }}} */
 
-static int php_password_make_salt(size_t length, char *ret TSRMLS_DC) /* {{{ */
+static zend_bool php_password_make_salt(size_t length, char *ret TSRMLS_DC) /* 
{{{ */
 {
int buffer_valid = 0;
size_t i, raw_length;
@@ -163,9 +163,8 @@ static int php_password_make_salt(size_t length, char *ret 
TSRMLS_DC) /* {{{ */
efree(buffer);
efree(result);
return FAILURE;
-   } else {
-   memcpy(ret, result, (int) length);
}
+   memcpy(ret, result, (int) length);
efree(result);
efree(buffer);
ret[length] = 0;
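Review bot: `memcpy(ret, result, (int) length);` narrows a `size_t` to `int` only for `memcpy` to widen it again; drop the cast. The following `ret[length] = 0;` writes at index `length`, so document on the function that `ret` must hold `length + 1` bytes.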
@@ -245,9 +244,13 @@ PHP_FUNCTION(password_needs_rehash)
long new_cost = PHP_PASSWORD_BCRYPT_COST, cost 
= 0;

if (options  zend_symtable_find(options, 
cost, sizeof(cost), (void **) option_buffer) == SUCCESS) {
-   convert_to_long_ex(option_buffer);
-   new_cost = Z_LVAL_PP(option_buffer);
-   zval_ptr_dtor(option_buffer);
+   if (Z_TYPE_PP(option_buffer) != 
IS_LONG) {
+   
convert_to_long_ex(option_buffer);
+   new_cost = 
Z_LVAL_PP(option_buffer);
+   zval_ptr_dtor(option_buffer);
+   } else {
+   new_cost = 
Z_LVAL_PP(option_buffer);
+   }
}
 
sscanf(hash, $2y$%ld$, cost);
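Review bot: `option_buffer` comes from `zend_symtable_find`, so it points at the options array's own slot. In the new non-long branch, `convert_to_long_ex(option_buffer);` followed by `zval_ptr_dtor(option_buffer);` converts and then releases a value this function never took a reference on. Read the value through a private copy and leave the array's entry untouched.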
@@ -319,9 +322,13 @@ PHP_FUNCTION(password_hash)
long cost = PHP_PASSWORD_BCRYPT_COST;

if (options  zend_symtable_find(options, cost, 5, 
(void **) option_buffer) == SUCCESS) {
-   convert_to_long_ex(option_buffer);
-   cost = Z_LVAL_PP(option_buffer);
-   zval_ptr_dtor(option_buffer);
+   if (Z_TYPE_PP(option_buffer) != IS_LONG) {
+   convert_to_long_ex(option_buffer);
+   cost = Z_LVAL_PP(option_buffer);
+   zval_ptr_dtor(option_buffer);
+   } else {
+   cost = Z_LVAL_PP(option_buffer);
+   }
}

if (cost  4 || cost  31) {
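Review bot: the key length is a literal `5` in this `zend_symtable_find` call, while the same lookup in `password_needs_rehash` uses `sizeof`. Use the `sizeof` form in both places so the length cannot drift from the key.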
@@ -367,14 +374,12 @@ PHP_FUNCTION(password_hash)
case IS_RESOURCE:
case IS_ARRAY:
default:
-   zval_ptr_dtor(option_buffer);
efree(hash_format);
php_error_docref(NULL TSRMLS_CC, E_WARNING, 
Non-string salt parameter supplied);
RETURN_NULL();
}
if (buffer_len  required_salt_len) {
efree(hash_format);
-   zval_ptr_dtor(option_buffer);
php_error_docref(NULL TSRMLS_CC, E_WARNING, Provided 
salt is too short: %lu expecting %lu, (unsigned long) buffer_len, (unsigned 
long) required_salt_len);
RETURN_NULL();
} else if (0 == php_password_salt_is_alphabet(buffer, 
buffer_len)) {
@@ -382,7 +387,6 @@ PHP_FUNCTION(password_hash)
if (php_password_salt_to64(buffer, buffer_len, 
required_salt_len, salt) == FAILURE) {
efree(hash_format);
efree(salt

[PHP-CVS] com php-src: Fix arg info for required params passed to needs_rehash: ext/standard/basic_functions.c

2012-10-16 Thread Anthony Ferrara
Commit:    6fd5ba5c8d70ecbd80175a488160f57380d8afee
Author:    Anthony Ferrara ircmax...@gmail.com    Mon, 17 Sep 2012 11:10:59 -0400
Parents:   44c2624f8c7d6bc00f46bc69c77791c2a334cc9a
Branches:  master

Link:      http://git.php.net/?p=php-src.git;a=commitdiff;h=6fd5ba5c8d70ecbd80175a488160f57380d8afee

Log:
Fix arg info for required params passed to needs_rehash

Changed paths:
  M  ext/standard/basic_functions.c


Diff:
diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c
index cf2266c..a30579e 100644
--- a/ext/standard/basic_functions.c
+++ b/ext/standard/basic_functions.c
@@ -1863,7 +1863,7 @@ ZEND_END_ARG_INFO()
 ZEND_BEGIN_ARG_INFO_EX(arginfo_password_get_info, 0, 0, 1)
ZEND_ARG_INFO(0, hash)
 ZEND_END_ARG_INFO()
-ZEND_BEGIN_ARG_INFO_EX(arginfo_password_needs_rehash, 0, 0, 1)
+ZEND_BEGIN_ARG_INFO_EX(arginfo_password_needs_rehash, 0, 0, 2)
ZEND_ARG_INFO(0, hash)
ZEND_ARG_INFO(0, algo)
ZEND_ARG_INFO(0, options)
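Review bot: raising the required-argument count to 2 in `arginfo_password_needs_rehash` only changes the reflection metadata; enforcement lives in the function's parameter parsing in password.c, which this patch does not touch. Confirm the two agree, and add a .phpt call with a single argument so a mismatch shows up.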





[PHP-CVS] com php-src: Refactor slightly to enable cleaner readability: ext/standard/password.c

2012-10-16 Thread Anthony Ferrara
Commit:    8bd79d180716fc521a3f5cae4bbfa96eb6397925
Author:    Anthony Ferrara ircmax...@gmail.com    Mon, 17 Sep 2012 11:43:47 -0400
Parents:   6fd5ba5c8d70ecbd80175a488160f57380d8afee
Branches:  master

Link:      http://git.php.net/?p=php-src.git;a=commitdiff;h=8bd79d180716fc521a3f5cae4bbfa96eb6397925

Log:
Refactor slightly to enable cleaner readability

Changed paths:
  M  ext/standard/password.c


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 8e9d894..e876269 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -242,16 +242,16 @@ PHP_FUNCTION(password_needs_rehash)
switch (algo) {
case PHP_PASSWORD_BCRYPT:
{
-   int newCost = PHP_PASSWORD_BCRYPT_COST, cost = 
0;
+   long new_cost = PHP_PASSWORD_BCRYPT_COST, cost 
= 0;

-   if (options  zend_symtable_find(options, 
cost, 5, (void **) option_buffer) == SUCCESS) {
+   if (options  zend_symtable_find(options, 
cost, sizeof(cost), (void **) option_buffer) == SUCCESS) {
convert_to_long_ex(option_buffer);
-   newCost = Z_LVAL_PP(option_buffer);
+   new_cost = Z_LVAL_PP(option_buffer);
zval_ptr_dtor(option_buffer);
}
 
-   sscanf(hash, $2y$%d$, cost);
-   if (cost != newCost) {
+   sscanf(hash, $2y$%ld$, cost);
+   if (cost != new_cost) {
RETURN_TRUE;
}
}
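Review bot: the return value of `sscanf(hash, ...)` is ignored. If the hash does not carry a parsable cost field, `cost` keeps its initial 0 and `cost != new_cost` decides the result by accident. Check that `sscanf` matched one field and make the no-match outcome explicit.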


--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP-CVS] com php-src: Fix ucwords error casing: ext/standard/password.c

2012-10-16 Thread Anthony Ferrara
Commit:    44c2624f8c7d6bc00f46bc69c77791c2a334cc9a
Author:    Anthony Ferrara ircmax...@gmail.com    Mon, 17 Sep 2012 10:59:51 -0400
Parents:   e034a46bdc36fb82957f5e503fa730776dfbba11
Branches:  master

Link:      http://git.php.net/?p=php-src.git;a=commitdiff;h=44c2624f8c7d6bc00f46bc69c77791c2a334cc9a

Log:
Fix ucwords error casing

Changed paths:
  M  ext/standard/password.c


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 6c2a9af..8e9d894 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -185,7 +185,7 @@ PHP_FUNCTION(password_get_info)
}
 
if (hash_len  0 || (size_t) hash_len  0) {
-   php_error_docref(NULL TSRMLS_CC, E_WARNING, Supplied Password 
Hash Too Long To Safely Identify);
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, Supplied password 
hash too long to safely identify);
RETURN_FALSE;
}
 
@@ -229,7 +229,7 @@ PHP_FUNCTION(password_needs_rehash)
}
 
if (hash_len  0) {
-   php_error_docref(NULL TSRMLS_CC, E_WARNING, Supplied Password 
Hash Too Long To Safely Identify);
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, Supplied password 
hash too long to safely identify);
RETURN_FALSE;
}
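Review bot: The two sites that emit this warning guard it differently: `password_get_info` tests `hash_len` twice, the second time after a cast to `size_t`, while `password_needs_rehash` in this hunk tests it once. Since both messages are edited together here, move the length check and the warning into one static helper so the condition cannot drift between the two functions, and state in a comment what the cast to `size_t` in the first function is meant to catch.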





[PHP-CVS] com php-src: A bunch of naming convention fixes. No functionality changes: ext/standard/password.c ext/standard/php_password.h

2012-10-16 Thread Anthony Ferrara
Commit:e034a46bdc36fb82957f5e503fa730776dfbba11
Author:Anthony Ferrara ircmax...@gmail.com Mon, 17 Sep 2012 
10:52:07 -0400
Parents:   83cfff4593bd3bd7791f32795e9b5bda446cd8e2
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=e034a46bdc36fb82957f5e503fa730776dfbba11

Log:
A bunch of naming convention fixes. No functionality changes

Changed paths:
  M  ext/standard/password.c
  M  ext/standard/php_password.h


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 0dd8fed..6c2a9af 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -38,7 +38,7 @@
 PHP_MINIT_FUNCTION(password) /* {{{ */
 {
REGISTER_LONG_CONSTANT(PASSWORD_DEFAULT, PHP_PASSWORD_DEFAULT, 
CONST_CS | CONST_PERSISTENT);
-   REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT, PASSWORD_BCRYPT, CONST_CS | 
CONST_PERSISTENT);
+   REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT, PHP_PASSWORD_BCRYPT, CONST_CS 
| CONST_PERSISTENT);
 
REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT_DEFAULT_COST, 
PHP_PASSWORD_BCRYPT_COST, CONST_CS | CONST_PERSISTENT);
 
@@ -46,23 +46,24 @@ PHP_MINIT_FUNCTION(password) /* {{{ */
 }
 /* }}} */
 
-static char* php_password_get_algo_name(const php_password_algos algo)
+static char* php_password_get_algo_name(const php_password_algo algo)
 {
switch (algo) {
-   case PASSWORD_BCRYPT:
+   case PHP_PASSWORD_BCRYPT:
return bcrypt;
+   case PHP_PASSWORD_UNKNOWN:
default:
return unknown;
}
 }
 
-static php_password_algos php_password_determine_algo(const char *hash, const 
size_t len) 
+static php_password_algo php_password_determine_algo(const char *hash, const 
size_t len) 
 {
if (len  3  hash[0] == '$'  hash[1] == '2'  hash[2] == 'y'  
len == 60) {
-   return PASSWORD_BCRYPT;
+   return PHP_PASSWORD_BCRYPT;
}
 
-   return PASSWORD_UNKNOWN;
+   return PHP_PASSWORD_UNKNOWN;
 }
 
 static zend_bool php_password_salt_is_alphabet(const char *str, const size_t 
len) /* {{{ */
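Review bot: `php_password_get_algo_name()` returns string literals through a non-const `char*`, so a caller can write through the pointer without any compiler diagnostic. While the signature is being changed for the type rename, make the return type `const char *`, and give this function and `php_password_determine_algo()` the same `/* {{{ */` fold markers that `php_password_salt_is_alphabet()` carries just below.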
@@ -174,13 +175,13 @@ static int php_password_make_salt(size_t length, char 
*ret TSRMLS_DC) /* {{{ */
 
 PHP_FUNCTION(password_get_info)
 {
-   php_password_algos algo;
+   php_password_algo algo;
int hash_len;
-   char *hash, *algoName;
+   char *hash, *algo_name;
zval *options;
 
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s, hash, 
hash_len) == FAILURE) {
-   RETURN_NULL();
+   return;
}
 
if (hash_len  0 || (size_t) hash_len  0) {
@@ -192,17 +193,17 @@ PHP_FUNCTION(password_get_info)
array_init(options);
 
algo = php_password_determine_algo(hash, (size_t) hash_len);
-   algoName = php_password_get_algo_name(algo);
+   algo_name = php_password_get_algo_name(algo);

switch (algo) {
-   case PASSWORD_BCRYPT:
+   case PHP_PASSWORD_BCRYPT:
{
long cost = PHP_PASSWORD_BCRYPT_COST;
sscanf(hash, $2y$%ld$, cost);
add_assoc_long(options, cost, cost);
}
break;
-   case PASSWORD_UNKNOWN:
+   case PHP_PASSWORD_UNKNOWN:
default:
break;
}
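Review bot: In the `PHP_PASSWORD_BCRYPT` case the result of `sscanf()` is ignored, so when the cost field does not parse, `cost` keeps its initial value `PHP_PASSWORD_BCRYPT_COST` and `password_get_info()` reports the default cost as though it had been read from the hash. Check that `sscanf()` returned 1, and when it did not, either leave the `cost` entry out of `options` or treat the hash as unknown.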
@@ -210,21 +211,21 @@ PHP_FUNCTION(password_get_info)
array_init(return_value);

add_assoc_long(return_value, algo, algo);
-   add_assoc_string(return_value, algoName, algoName, 1);
+   add_assoc_string(return_value, algoName, algo_name, 1);
add_assoc_zval(return_value, options, options);   
 }
 
 PHP_FUNCTION(password_needs_rehash)
 {
long new_algo = 0;
-   php_password_algos algo;
+   php_password_algo algo;
int hash_len;
char *hash;
HashTable *options = 0;
zval **option_buffer;

if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, sl|H, hash, 
hash_len, new_algo, options) == FAILURE) {
-   RETURN_NULL();
+   return;
}
 
if (hash_len  0) {
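Review bot: The local variable becomes `algo_name`, but the array key passed to `add_assoc_string()` stays `algoName`, so the userland result of `password_get_info()` still carries a camelCase key next to `algo` and `options`. If the key is kept on purpose, say so in the commit message; otherwise rename it in this commit together with the expected output in the tests, since the change is described as a naming cleanup.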
@@ -239,7 +240,7 @@ PHP_FUNCTION(password_needs_rehash)
}
 
switch (algo) {
-   case PASSWORD_BCRYPT:
+   case PHP_PASSWORD_BCRYPT:
{
int newCost = PHP_PASSWORD_BCRYPT_COST, cost = 
0;

@@ -255,7 +256,7 @@ PHP_FUNCTION(password_needs_rehash)
}
}
break;
-   case PASSWORD_UNKNOWN:
+   case PHP_PASSWORD_UNKNOWN:
default:
break;
}
@@ -309,11 +310,11 @@ PHP_FUNCTION(password_hash)
zval **option_buffer;
 
if (zend_parse_parameters(ZEND_NUM_ARGS

[PHP-CVS] com php-src: Switch to using an ENUM for algorithms instead of a constant: ext/standard/password.c ext/standard/php_password.h

2012-10-16 Thread Anthony Ferrara
Commit:83cfff4593bd3bd7791f32795e9b5bda446cd8e2
Author:Anthony Ferrara ircmax...@gmail.com Thu, 13 Sep 2012 
10:32:54 -0400
Parents:   7ec80e1a139ca7f43c02728f3fe2424cef0138b6
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=83cfff4593bd3bd7791f32795e9b5bda446cd8e2

Log:
Switch to using an ENUM for algorithms instead of a constant

Changed paths:
  M  ext/standard/password.c
  M  ext/standard/php_password.h


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 9b1bb8c..0dd8fed 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -38,7 +38,7 @@
 PHP_MINIT_FUNCTION(password) /* {{{ */
 {
REGISTER_LONG_CONSTANT(PASSWORD_DEFAULT, PHP_PASSWORD_DEFAULT, 
CONST_CS | CONST_PERSISTENT);
-   REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT, PHP_PASSWORD_BCRYPT, CONST_CS 
| CONST_PERSISTENT);
+   REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT, PASSWORD_BCRYPT, CONST_CS | 
CONST_PERSISTENT);
 
REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT_DEFAULT_COST, 
PHP_PASSWORD_BCRYPT_COST, CONST_CS | CONST_PERSISTENT);
 
@@ -46,29 +46,26 @@ PHP_MINIT_FUNCTION(password) /* {{{ */
 }
 /* }}} */
 
-static char* php_password_get_algo_name(const int algo)
+static char* php_password_get_algo_name(const php_password_algos algo)
 {
switch (algo) {
-   case PHP_PASSWORD_BCRYPT:
+   case PASSWORD_BCRYPT:
return bcrypt;
default:
return unknown;
}
 }
 
-static int php_password_determine_algo(const char *hash, const size_t len) 
+static php_password_algos php_password_determine_algo(const char *hash, const 
size_t len) 
 {
-   if (len  3) {
-   return 0;
-   }
-   if (hash[0] == '$'  hash[1] == '2'  hash[2] == 'y'  len == 60) {
-   return PHP_PASSWORD_BCRYPT;
+   if (len  3  hash[0] == '$'  hash[1] == '2'  hash[2] == 'y'  
len == 60) {
+   return PASSWORD_BCRYPT;
}
 
-   return 0;
+   return PASSWORD_UNKNOWN;
 }
 
-static int php_password_salt_is_alphabet(const char *str, const size_t len) /* 
{{{ */
+static zend_bool php_password_salt_is_alphabet(const char *str, const size_t 
len) /* {{{ */
 {
size_t i = 0;
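Review bot: The merged condition in `php_password_determine_algo()` tests the length twice, once against 3 and once with `len == 60`, and the equality test comes last, after the three `hash[...]` comparisons. `len == 60` on its own covers the shorter bound, so put it first and drop the other length test; that keeps the bounds check visibly ahead of the indexing and makes the bcrypt length requirement the obvious gate.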
 
@@ -177,7 +174,7 @@ static int php_password_make_salt(size_t length, char *ret 
TSRMLS_DC) /* {{{ */
 
 PHP_FUNCTION(password_get_info)
 {
-   long algo;
+   php_password_algos algo;
int hash_len;
char *hash, *algoName;
zval *options;
@@ -198,13 +195,16 @@ PHP_FUNCTION(password_get_info)
algoName = php_password_get_algo_name(algo);

switch (algo) {
-   case PHP_PASSWORD_BCRYPT:
+   case PASSWORD_BCRYPT:
{
long cost = PHP_PASSWORD_BCRYPT_COST;
sscanf(hash, $2y$%ld$, cost);
add_assoc_long(options, cost, cost);
}
-   break;
+   break;
+   case PASSWORD_UNKNOWN:
+   default:
+   break;
}
 
array_init(return_value);
@@ -216,7 +216,8 @@ PHP_FUNCTION(password_get_info)
 
 PHP_FUNCTION(password_needs_rehash)
 {
-   long new_algo = 0, algo = 0;
+   long new_algo = 0;
+   php_password_algos algo;
int hash_len;
char *hash;
HashTable *options = 0;
@@ -238,7 +239,7 @@ PHP_FUNCTION(password_needs_rehash)
}
 
switch (algo) {
-   case PHP_PASSWORD_BCRYPT:
+   case PASSWORD_BCRYPT:
{
int newCost = PHP_PASSWORD_BCRYPT_COST, cost = 
0;

@@ -254,6 +255,9 @@ PHP_FUNCTION(password_needs_rehash)
}
}
break;
+   case PASSWORD_UNKNOWN:
+   default:
+   break;
}
RETURN_FALSE;
 }
@@ -309,7 +313,7 @@ PHP_FUNCTION(password_hash)
}
 
switch (algo) {
-   case PHP_PASSWORD_BCRYPT:
+   case PASSWORD_BCRYPT:
{
long cost = PHP_PASSWORD_BCRYPT_COST;

diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h
index db7747a..c812e2c 100644
--- a/ext/standard/php_password.h
+++ b/ext/standard/php_password.h
@@ -28,11 +28,15 @@ PHP_FUNCTION(password_get_info);
 
 PHP_MINIT_FUNCTION(password);
 
-#define PHP_PASSWORD_DEFAULT   1
-#define PHP_PASSWORD_BCRYPT1
+#define PHP_PASSWORD_DEFAULT   PASSWORD_BCRYPT
 
 #define PHP_PASSWORD_BCRYPT_COST 10
 
+typedef enum {
+   PASSWORD_UNKNOWN,
+   PASSWORD_BCRYPT
+} php_password_algos;
+
 #endif
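Review bot: The enumerators in `php_password_algos` take their values from their position, while `PASSWORD_BCRYPT` is also what `REGISTER_LONG_CONSTANT` exports to userland and what `PHP_PASSWORD_DEFAULT` now expands to; the `#define` removed in this hunk pinned that value to 1 explicitly. Assign the values in the enum (`PASSWORD_UNKNOWN = 0`, `PASSWORD_BCRYPT = 1`) so that inserting a new algorithm cannot silently renumber a constant that scripts compare against, and give the enumerators the `PHP_` prefix used by the other names in this header, since unprefixed identifiers in a shared header can collide with other code.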





[PHP-CVS] com php-src: Add news entry for password API: NEWS

2012-10-16 Thread Anthony Ferrara
Commit:7161c3d2cfde54ce218f20d03684f2a58e1c7627
Author:Anthony Ferrara ircmax...@gmail.com Wed, 12 Sep 2012 
11:56:12 -0400
Parents:   3e383dc0d5d7eb957f6639ab38dd566e16bca92b
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=7161c3d2cfde54ce218f20d03684f2a58e1c7627

Log:
Add news entry for password API

Changed paths:
  M  NEWS


Diff:
diff --git a/NEWS b/NEWS
index 1ee9779..08045fc 100644
--- a/NEWS
+++ b/NEWS
@@ -3,6 +3,8 @@ PHP 
   NEWS
 ?? ??? 201?, PHP 5.5.0
 
 - General improvements:
+  . Add simplified password hashing API 
+(https://wiki.php.net/rfc/password_hash). (Anthony Ferrara)
   . Support list in foreach (https://wiki.php.net/rfc/foreachlist). (Laruence)
   . Implemented 'finally' keyword (https://wiki.php.net/rfc/finally). 
(Laruence)
   . Drop Windows XP and 2003 support. (Pierre)





[PHP-CVS] com php-src: Remove bcrypt_cost ini entry from declaration: main/main.c

2012-10-16 Thread Anthony Ferrara
Commit:ebe0bd5dee07bebd8444d9e7c28864ba17efeef8
Author:Anthony Ferrara ircmax...@gmail.com Wed, 12 Sep 2012 
11:44:03 -0400
Parents:   e9a7bde829b3e43e2c61455752801e31ea88974f
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=ebe0bd5dee07bebd8444d9e7c28864ba17efeef8

Log:
Remove bcrypt_cost ini entry from declaration

Changed paths:
  M  main/main.c


Diff:
diff --git a/main/main.c b/main/main.c
index 2f40dc9..5eb9947 100644
--- a/main/main.c
+++ b/main/main.c
@@ -539,8 +539,6 @@ PHP_INI_BEGIN()
STD_PHP_INI_ENTRY(error_append_string,NULL,   
PHP_INI_ALL,OnUpdateString, error_append_string,
php_core_globals,   core_globals)
STD_PHP_INI_ENTRY(error_prepend_string,   NULL,   
PHP_INI_ALL,OnUpdateString, error_prepend_string,   
php_core_globals,   core_globals)
 
-   PHP_INI_ENTRY(password.bcrypt_cost,   11,   
PHP_INI_ALL,NULL)
-
PHP_INI_ENTRY(SMTP,   
localhost,PHP_INI_ALL,NULL)
PHP_INI_ENTRY(smtp_port,  25,   
PHP_INI_ALL,NULL)
STD_PHP_INI_BOOLEAN(mail.add_x_header,0,
PHP_INI_SYSTEM|PHP_INI_PERDIR,  OnUpdateBool,   
mail_x_header,  php_core_globals,   core_globals)





[PHP-CVS] com php-src: Expose PASSWORD_BCRYPT_DEFAULT_COST constant and update test to use it: ext/standard/password.c ext/standard/tests/password/password_needs_rehash.phpt

2012-10-16 Thread Anthony Ferrara
Commit:76f3295cdfd6a3106297352e73b9691084582211
Author:Anthony Ferrara ircmax...@gmail.com Wed, 12 Sep 2012 
11:47:50 -0400
Parents:   ebe0bd5dee07bebd8444d9e7c28864ba17efeef8
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=76f3295cdfd6a3106297352e73b9691084582211

Log:
Expose PASSWORD_BCRYPT_DEFAULT_COST constant and update test to use it

Changed paths:
  M  ext/standard/password.c
  M  ext/standard/tests/password/password_needs_rehash.phpt


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index d3dc457..9b1bb8c 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -40,6 +40,8 @@ PHP_MINIT_FUNCTION(password) /* {{{ */
REGISTER_LONG_CONSTANT(PASSWORD_DEFAULT, PHP_PASSWORD_DEFAULT, 
CONST_CS | CONST_PERSISTENT);
REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT, PHP_PASSWORD_BCRYPT, CONST_CS 
| CONST_PERSISTENT);
 
+   REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT_DEFAULT_COST, 
PHP_PASSWORD_BCRYPT_COST, CONST_CS | CONST_PERSISTENT);
+
return SUCCESS;
 }
 /* }}} */
diff --git a/ext/standard/tests/password/password_needs_rehash.phpt 
b/ext/standard/tests/password/password_needs_rehash.phpt
index 0c03d88..2fc3983 100644
--- a/ext/standard/tests/password/password_needs_rehash.phpt
+++ b/ext/standard/tests/password/password_needs_rehash.phpt
@@ -22,9 +22,9 @@ 
var_dump(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9H
 // Invalid, different (higher) cost
 
var_dump(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y',
 PASSWORD_BCRYPT, array('cost' = 11)));
 
-// Valid with cost the default (may need to be updated as the default cost 
increases)
-var_dump(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y',
 PASSWORD_BCRYPT));
-
+// Valid with cost the default
+$cost = str_pad(PASSWORD_BCRYPT_DEFAULT_COST, 2, '0', STR_PAD_LEFT);
+var_dump(password_needs_rehash('$2y$'.$cost.'$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y',
 PASSWORD_BCRYPT));
 
 echo OK!;
 ?
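Review bot: With the default-cost case now built from `PASSWORD_BCRYPT_DEFAULT_COST`, the only no-options call on a well-formed bcrypt hash expects `bool(false)`, and the mismatch case visible above it passes an explicit `cost` option, so nothing exercises a valid hash whose cost differs from the default when no options are given. Add a case that builds the prefix from `PASSWORD_BCRYPT_DEFAULT_COST + 1`, passes no options array and expects `bool(true)`.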





[PHP-CVS] com php-src: Switch test to using strict comparison for crypt fallback: ext/standard/tests/password/password_hash.phpt

2012-10-16 Thread Anthony Ferrara
Commit:e9a7bde829b3e43e2c61455752801e31ea88974f
Author:Anthony Ferrara ircmax...@gmail.com Wed, 12 Sep 2012 
11:37:56 -0400
Parents:   e8b7f5b35da46a2bc414c922e8e1a7093d963899
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=e9a7bde829b3e43e2c61455752801e31ea88974f

Log:
Switch test to using strict comparison for crypt fallback

Changed paths:
  M  ext/standard/tests/password/password_hash.phpt


Diff:
diff --git a/ext/standard/tests/password/password_hash.phpt 
b/ext/standard/tests/password/password_hash.phpt
index ff48b29..f59d3d5 100644
--- a/ext/standard/tests/password/password_hash.phpt
+++ b/ext/standard/tests/password/password_hash.phpt
@@ -8,7 +8,7 @@ var_dump(strlen(password_hash(foo, PASSWORD_BCRYPT)));
 
 $hash = password_hash(foo, PASSWORD_BCRYPT);
 
-var_dump($hash == crypt(foo, $hash));
+var_dump($hash === crypt(foo, $hash));
 
 var_dump(password_hash(rasmuslerdorf, PASSWORD_BCRYPT, array(cost = 7, 
salt = usesomesillystringforsalt)));





[PHP-CVS] com php-src: Add tests for password_get_info and password_needs_rehash: ext/standard/tests/password/password_get_info.phpt ext/standard/tests/password/password_get_info_error.phpt ext/standa

2012-10-16 Thread Anthony Ferrara
Commit:e8b7f5b35da46a2bc414c922e8e1a7093d963899
Author:Anthony Ferrara ircmax...@gmail.com Wed, 12 Sep 2012 
11:21:08 -0400
Parents:   db41f9fe60d863041fb53a273c2f64b6925f5ad0
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=e8b7f5b35da46a2bc414c922e8e1a7093d963899

Log:
Add tests for password_get_info and password_needs_rehash

Changed paths:
  A  ext/standard/tests/password/password_get_info.phpt
  A  ext/standard/tests/password/password_get_info_error.phpt
  A  ext/standard/tests/password/password_needs_rehash.phpt
  A  ext/standard/tests/password/password_needs_rehash_error.phpt


Diff:
diff --git a/ext/standard/tests/password/password_get_info.phpt 
b/ext/standard/tests/password/password_get_info.phpt
new file mode 100644
index 000..4c8dc04
--- /dev/null
+++ b/ext/standard/tests/password/password_get_info.phpt
@@ -0,0 +1,58 @@
+--TEST--
+Test normal operation of password_get_info()
+--FILE--
+?php
+//-=-=-=-
+// Test Bcrypt
+var_dump(password_get_info('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y'));
+// Test Bcrypt Cost
+var_dump(password_get_info('$2y$11$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y'));
+// Test Bcrypt Invalid Length
+var_dump(password_get_info('$2y$11$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100'));
+// Test Non-Bcrypt
+var_dump(password_get_info('$1$rasmusle$rISCgZzpwk3UhDidwXvin0'));
+
+echo OK!;
+?
+--EXPECT--
+array(3) {
+  [algo]=
+  int(1)
+  [algoName]=
+  string(6) bcrypt
+  [options]=
+  array(1) {
+[cost]=
+int(10)
+  }
+}
+array(3) {
+  [algo]=
+  int(1)
+  [algoName]=
+  string(6) bcrypt
+  [options]=
+  array(1) {
+[cost]=
+int(11)
+  }
+}
+array(3) {
+  [algo]=
+  int(0)
+  [algoName]=
+  string(7) unknown
+  [options]=
+  array(0) {
+  }
+}
+array(3) {
+  [algo]=
+  int(0)
+  [algoName]=
+  string(7) unknown
+  [options]=
+  array(0) {
+  }
+}
+OK!
diff --git a/ext/standard/tests/password/password_get_info_error.phpt 
b/ext/standard/tests/password/password_get_info_error.phpt
new file mode 100644
index 000..af67674
--- /dev/null
+++ b/ext/standard/tests/password/password_get_info_error.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Test error operation of password_get_info()
+--FILE--
+?php
+//-=-=-=-
+var_dump(password_get_info());
+var_dump(password_get_info(array()));
+
+echo OK!;
+?
+--EXPECTF--
+Warning: password_get_info() expects exactly 1 parameter, 0 given in %s on 
line %d
+NULL
+
+Warning: password_get_info() expects parameter 1 to be string, array given in 
%s on line %d
+NULL
+OK!
diff --git a/ext/standard/tests/password/password_needs_rehash.phpt 
b/ext/standard/tests/password/password_needs_rehash.phpt
new file mode 100644
index 000..0c03d88
--- /dev/null
+++ b/ext/standard/tests/password/password_needs_rehash.phpt
@@ -0,0 +1,39 @@
+--TEST--
+Test normal operation of password_needs_rehash()
+--FILE--
+?php
+//-=-=-=-
+
+// Invalid Hash, always rehash
+var_dump(password_needs_rehash('', PASSWORD_BCRYPT));
+
+// Valid, as it's an unknown algorithm
+var_dump(password_needs_rehash('', 0));
+
+// Valid with cost the same
+var_dump(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y',
 PASSWORD_BCRYPT, array('cost' = 10)));
+
+// Valid with cost the same, additional params
+var_dump(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y',
 PASSWORD_BCRYPT, array('cost' = 10, 'foo' = 3)));
+
+// Invalid, different (lower) cost
+var_dump(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y',
 PASSWORD_BCRYPT, array('cost' = 09)));
+
+// Invalid, different (higher) cost
+var_dump(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y',
 PASSWORD_BCRYPT, array('cost' = 11)));
+
+// Valid with cost the default (may need to be updated as the default cost 
increases)
+var_dump(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y',
 PASSWORD_BCRYPT));
+
+
+echo OK!;
+?
+--EXPECT--
+bool(true)
+bool(false)
+bool(false)
+bool(false)
+bool(true)
+bool(true)
+bool(false)
+OK!
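Review bot: In the "different (lower) cost" case of password_needs_rehash.phpt the option is written as `09`, which PHP reads as an octal literal; 9 is not an octal digit, so the value that reaches `password_needs_rehash()` is not 9 (PHP 5 cuts the literal off at the invalid digit). The case still yields `bool(true)` because the result differs from 10, but it does not test what its comment says. Write the cost as `9`.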
diff --git a/ext/standard/tests/password/password_needs_rehash_error.phpt 
b/ext/standard/tests/password/password_needs_rehash_error.phpt
new file mode 100644
index 000..e25ef8d
--- /dev/null
+++ b/ext/standard/tests/password/password_needs_rehash_error.phpt
@@ -0,0 +1,33 @@
+--TEST--
+Test error operation of password_needs_rehash()
+--FILE--
+?php
+//-=-=-=-
+var_dump(password_needs_rehash());
+
+var_dump(password_needs_rehash(''));
+
+var_dump(password_needs_rehash('', foo));
+
+var_dump(password_needs_rehash(array(), 1));
+
+var_dump(password_needs_rehash(, 1, foo));
+
+echo OK!;
+?
+--EXPECTF--
+Warning: password_needs_rehash() expects at least 2 parameters, 0 given in %s 
on line %d
+NULL
+
+Warning: password_needs_rehash() expects at least 2 parameters, 1 given in %s 
on line %d
+NULL
+
+Warning: password_needs_rehash() expects parameter 2

[PHP-CVS] com php-src: Fix incorrect arg info required param count for password_hash: ext/standard/basic_functions.c

2012-10-16 Thread Anthony Ferrara
Commit:7ec80e1a139ca7f43c02728f3fe2424cef0138b6
Author:Anthony Ferrara ircmax...@gmail.com Wed, 12 Sep 2012 
12:15:33 -0400
Parents:   7161c3d2cfde54ce218f20d03684f2a58e1c7627
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=7ec80e1a139ca7f43c02728f3fe2424cef0138b6

Log:
Fix incorrect arg info required param count for password_hash

Changed paths:
  M  ext/standard/basic_functions.c


Diff:
diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c
index ece64f3..cf2266c 100644
--- a/ext/standard/basic_functions.c
+++ b/ext/standard/basic_functions.c
@@ -1855,7 +1855,7 @@ ZEND_BEGIN_ARG_INFO(arginfo_getlastmod, 0)
 ZEND_END_ARG_INFO()
 /* }}} */
 /* {{{ password.c */
-ZEND_BEGIN_ARG_INFO_EX(arginfo_password_hash, 0, 0, 1)
+ZEND_BEGIN_ARG_INFO_EX(arginfo_password_hash, 0, 0, 2)
ZEND_ARG_INFO(0, password)
ZEND_ARG_INFO(0, algo)
ZEND_ARG_INFO(0, options)





[PHP-CVS] com php-src: Refactoring to use size_t instead of int most places: ext/standard/password.c ext/standard/php_password.h

2012-10-16 Thread Anthony Ferrara
Commit:db41f9fe60d863041fb53a273c2f64b6925f5ad0
Author:Anthony Ferrara ircmax...@gmail.com Tue, 4 Sep 2012 
11:34:00 -0400
Parents:   824f1f45818096eff0e022ba2a1cbc2071343c9a
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=db41f9fe60d863041fb53a273c2f64b6925f5ad0

Log:
Refactoring to use size_t instead of int most places

Changed paths:
  M  ext/standard/password.c
  M  ext/standard/php_password.h

diff --git a/ext/standard/password.c b/ext/standard/password.c
index 4f8ef5d..d3dc457 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -44,7 +44,17 @@ PHP_MINIT_FUNCTION(password) /* {{{ */
 }
 /* }}} */
 
-static long php_password_determine_algo(const char *hash, const int len) 
+static char* php_password_get_algo_name(const int algo)
+{
+   switch (algo) {
+   case PHP_PASSWORD_BCRYPT:
+   return bcrypt;
+   default:
+   return unknown;
+   }
+}
+
+static int php_password_determine_algo(const char *hash, const size_t len) 
 {
if (len  3) {
return 0;
@@ -56,27 +66,33 @@ static long php_password_determine_algo(const char *hash, 
const int len)
return 0;
 }
 
-static int php_password_salt_is_alphabet(const char *str, const int len, const 
int salt_type) /* {{{ */
+static int php_password_salt_is_alphabet(const char *str, const size_t len) /* 
{{{ */
 {
-   int i = 0;
+   size_t i = 0;
 
-   if (salt_type == PHP_PASSWORD_SALT_BCRYPT) {
-   for (i = 0; i  len; i++) {
-   if (!((str[i] = 'A'  str[i] = 'Z') || (str[i] = 
'a'  str[i] = 'z') || (str[i] = '0'  str[i] = '9') || str[i] == '.' || 
str[i] == '/')) {
-   return 0;
-   }
+   for (i = 0; i  len; i++) {
+   if (!((str[i] = 'A'  str[i] = 'Z') || (str[i] = 'a'  
str[i] = 'z') || (str[i] = '0'  str[i] = '9') || str[i] == '.' || str[i] 
== '/')) {
+   return 0;
}
}
-
return 1;
 }
 /* }}} */
 
-static int php_password_salt_to64(const char *str, const int str_len, const 
int out_len, char *ret) /* {{{ */
+static int php_password_salt_to64(const char *str, const size_t str_len, const 
size_t out_len, char *ret) /* {{{ */
 {
-   int pos = 0;
+   size_t pos = 0;
+   size_t ret_len = 0;
unsigned char *buffer;
-   buffer = php_base64_encode((unsigned char*) str, str_len, NULL);
+   if ((int) str_len  0) {
+   return FAILURE;
+   }
+   buffer = php_base64_encode((unsigned char*) str, (int) str_len, (int*) 
ret_len);
+   if (ret_len  out_len) {
+   /* Too short of an encoded string generated */
+   efree(buffer);
+   return FAILURE;
+   }
for (pos = 0; pos  out_len; pos++) {
if (buffer[pos] == '+') {
ret[pos] = '.';
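Review bot: In `php_password_salt_to64()` the encoded length is declared as `size_t ret_len` and then handed to `php_base64_encode()` through an `(int*)` cast. The callee stores an `int`, so where `size_t` is wider than `int` only part of `ret_len` is written, and on a big-endian platform it is the wrong part, which makes the following comparison with `out_len` unreliable. Use a local `int` for the encoder's output length, reject a negative value, and convert to `size_t` afterwards; `buffer` should also be checked for NULL before the loop reads from it.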
@@ -92,30 +108,26 @@ static int php_password_salt_to64(const char *str, const 
int str_len, const int
 }
 /* }}} */
 
-static int php_password_make_salt(long length, int salt_type, char *ret 
TSRMLS_DC) /* {{{ */
+static int php_password_make_salt(size_t length, char *ret TSRMLS_DC) /* {{{ */
 {
int buffer_valid = 0;
-   long i, raw_length;
+   size_t i, raw_length;
char *buffer;
+   char *result;
 
-   if (salt_type == PHP_PASSWORD_SALT_RAW) {
-   raw_length = length;
-   } else if (salt_type == PHP_PASSWORD_SALT_BCRYPT) {
-   if (length  (LONG_MAX / 3)) {
-   php_error_docref(NULL TSRMLS_CC, E_WARNING, Length is 
too large to safely generate);
-   return FAILURE;
-   }
-   raw_length = length * 3 / 4 + 1;
-   } else {
-   php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown salt type 
paramter);
+   if (length  (INT_MAX / 3)) {
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, Length is too 
large to safely generate);
return FAILURE;
}
+
+   raw_length = length * 3 / 4 + 1;
+
buffer = (char *) safe_emalloc(raw_length, 1, 1);
 
 #if PHP_WIN32
{
BYTE *iv_b = (BYTE *) buffer;
-   if (php_win32_get_random_bytes(iv_b, (size_t) raw_length) == 
SUCCESS) {
+   if (php_win32_get_random_bytes(iv_b, raw_length) == SUCCESS) {
buffer_valid = 1;
}
}
@@ -130,11 +142,11 @@ static int php_password_make_salt(long length, int 
salt_type, char *ret TSRMLS_D
if (n  0) {
break;
}
-   read_bytes += n;
+   read_bytes += (size_t) n;
}
close(fd);
}
-   if (read_bytes == raw_length

[PHP-CVS] com php-src: Merge remote branch 'upstream/master' into hash_password: ext/standard/basic_functions.c main/main.c

2012-10-16 Thread Anthony Ferrara
Commit:824f1f45818096eff0e022ba2a1cbc2071343c9a
Author:Anthony Ferrara ircmax...@gmail.com Tue, 4 Sep 2012 
10:29:22 -0400
Parents:   e05413ca594ff10fd93d40429cb598c2e109edf4 
4b206126aca2ad9181abe65d70367680a4bc4c03
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=824f1f45818096eff0e022ba2a1cbc2071343c9a

Log:
Merge remote branch 'upstream/master' into hash_password

* upstream/master: (393 commits)
  forked two tests for windows
  Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice)
  Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice).
  Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice).
  Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice)
  Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice)
  Bug #49510: Boolean validation fails with FILTER_NULL_ON_FAILURE with empty 
string or false
  Implemented ReflectionFunction::isGenerator()
  Allow null as a default value for length in mb_substr() and mb_strcut()
  Allow null as a default value for length in mb_substr() and mb_strcut()
  folder
  Initializing optional argument description in assert()
  Initializing optional argument description in assert()
  Fix test failed due to new Token T_YIELD
  fix NEWS
  Fix leak when yielding array as key
  Drop obsolete test
  Remove extra blank in notice message, should act as same as vm
  Fixed bug #62987 (Assigning to ArrayObject[null][something] overrides all 
undefined variables)
  assert() user message
  ...

Bugs:
https://bugs.php.net/50997
https://bugs.php.net/49510
https://bugs.php.net/62987

Changed paths:
  MM  ext/standard/basic_functions.c
  MM  main/main.c


Diff:






[PHP-CVS] com php-src: Remove password_make_salt() from the implementation: ext/standard/basic_functions.c ext/standard/password.c ext/standard/php_password.h ext/standard/tests/password/password_make

2012-10-16 Thread Anthony Ferrara
Commit:e05413ca594ff10fd93d40429cb598c2e109edf4
Author:Anthony Ferrara ircmax...@gmail.com Tue, 28 Aug 2012 
11:24:33 -0400
Parents:   707c9073b595a75447fbc25e01e7804293fad9b7
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=e05413ca594ff10fd93d40429cb598c2e109edf4

Log:
Remove password_make_salt() from the implementation

Changed paths:
  M  ext/standard/basic_functions.c
  M  ext/standard/password.c
  M  ext/standard/php_password.h
  D  ext/standard/tests/password/password_make_salt.phpt
  D  ext/standard/tests/password/password_make_salt_error.phpt


Diff:
diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c
index e6b1559..1f1b3d3 100644
--- a/ext/standard/basic_functions.c
+++ b/ext/standard/basic_functions.c
@@ -1884,10 +1884,6 @@ ZEND_BEGIN_ARG_INFO_EX(arginfo_password_verify, 0, 0, 2)
ZEND_ARG_INFO(0, password)
ZEND_ARG_INFO(0, hash)
 ZEND_END_ARG_INFO()
-ZEND_BEGIN_ARG_INFO_EX(arginfo_password_make_salt, 0, 0, 1)
-   ZEND_ARG_INFO(0, length)
-   ZEND_ARG_INFO(0, raw_output)
-ZEND_END_ARG_INFO()
 /* }}} */
 /* {{{ proc_open.c */
 #ifdef PHP_CAN_SUPPORT_PROC_OPEN
@@ -2907,8 +2903,6 @@ const zend_function_entry basic_functions[] = { /* {{{ */
PHP_FE(password_get_info,   
arginfo_password_get_info)
PHP_FE(password_needs_rehash,   
arginfo_password_needs_rehash)
PHP_FE(password_verify, 
arginfo_password_verify)
-   PHP_FE(password_make_salt,  
arginfo_password_make_salt)
-
PHP_FE(convert_uuencode,
arginfo_convert_uuencode)
PHP_FE(convert_uudecode,
arginfo_convert_uudecode)
 
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 2e5d62a..4f8ef5d 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -40,9 +40,6 @@ PHP_MINIT_FUNCTION(password) /* {{{ */
REGISTER_LONG_CONSTANT(PASSWORD_DEFAULT, PHP_PASSWORD_DEFAULT, 
CONST_CS | CONST_PERSISTENT);
REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT, PHP_PASSWORD_BCRYPT, CONST_CS 
| CONST_PERSISTENT);
 
-   REGISTER_LONG_CONSTANT(PASSWORD_SALT_RAW, PHP_PASSWORD_SALT_RAW, 
CONST_CS | CONST_PERSISTENT);
-   REGISTER_LONG_CONSTANT(PASSWORD_SALT_BCRYPT, 
PHP_PASSWORD_SALT_BCRYPT, CONST_CS | CONST_PERSISTENT);
-
return SUCCESS;
 }
 /* }}} */
@@ -95,8 +92,6 @@ static int php_password_salt_to64(const char *str, const int 
str_len, const int
 }
 /* }}} */
 
-#define PHP_PASSWORD_FUNCTION_EXISTS(func, func_len) 
(zend_hash_find(EG(function_table), (func), (func_len) + 1, (void **) 
func_ptr) == SUCCESS  func_ptr-type == ZEND_INTERNAL_FUNCTION  
func_ptr-internal_function.handler != zif_display_disabled_function)
-
 static int php_password_make_salt(long length, int salt_type, char *ret 
TSRMLS_DC) /* {{{ */
 {
int buffer_valid = 0;
@@ -277,35 +272,6 @@ PHP_FUNCTION(password_verify)
 }
 /* }}} */
 
-/* {{{ proto string password_make_salt(int length, int salt_type = 
PASSWORD_SALT_BCRYPT)
-Make a new random salt */
-PHP_FUNCTION(password_make_salt)
-{
-   char *salt;
-   long length = 0, salt_type = 0;
-   if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, l|l, length, 
salt_type) == FAILURE) {
-   RETURN_NULL();
-   }
-   if (length = 0) {
-   php_error_docref(NULL TSRMLS_CC, E_WARNING, Length cannot be 
less than or equal zero: %ld, length);
-   RETURN_NULL();
-   } else if (length  (LONG_MAX / 3)) {
-   php_error_docref(NULL TSRMLS_CC, E_WARNING, Length is too 
large to safely generate);
-   RETURN_NULL();
-   }
-
-   if (!salt_type) {
-   salt_type = PHP_PASSWORD_SALT_BCRYPT;
-   }
-   salt = safe_emalloc(length, 1, 1);
-   if (php_password_make_salt(length, (int) salt_type, salt TSRMLS_CC) == 
FAILURE) {
-   efree(salt);
-   RETURN_FALSE;
-   }
-   RETURN_STRINGL(salt, length, 0);
-}
-/* }}} */
-
 /* {{{ proto string password_hash(string password, int algo, array options = 
array())
 Hash a password */
 PHP_FUNCTION(password_hash)
diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h
index 8211ae1..d99c061 100644
--- a/ext/standard/php_password.h
+++ b/ext/standard/php_password.h
@@ -23,7 +23,6 @@
 
 PHP_FUNCTION(password_hash);
 PHP_FUNCTION(password_verify);
-PHP_FUNCTION(password_make_salt);
 PHP_FUNCTION(password_needs_rehash);
 PHP_FUNCTION(password_get_info

[PHP-CVS] com php-src: Switch second parameter to password_make_salt to be a flag: ext/standard/password.c ext/standard/php_password.h ext/standard/tests/password/password_make_salt.phpt ext/standard/

2012-10-16 Thread Anthony Ferrara
Commit:707c9073b595a75447fbc25e01e7804293fad9b7
Author:Anthony Ferrara ircmax...@php.net Wed, 11 Jul 2012 
22:15:56 -0400
Parents:   99b7956ad58395853f7950ae01a43139413d348d
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=707c9073b595a75447fbc25e01e7804293fad9b7

Log:
Switch second parameter to password_make_salt to be a flag

Changed paths:
  M  ext/standard/password.c
  M  ext/standard/php_password.h
  M  ext/standard/tests/password/password_make_salt.phpt
  M  ext/standard/tests/password/password_make_salt_error.phpt


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 2f1ebb5..2e5d62a 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -39,6 +39,10 @@ PHP_MINIT_FUNCTION(password) /* {{{ */
 {
REGISTER_LONG_CONSTANT(PASSWORD_DEFAULT, PHP_PASSWORD_DEFAULT, 
CONST_CS | CONST_PERSISTENT);
REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT, PHP_PASSWORD_BCRYPT, CONST_CS 
| CONST_PERSISTENT);
+
+   REGISTER_LONG_CONSTANT(PASSWORD_SALT_RAW, PHP_PASSWORD_SALT_RAW, 
CONST_CS | CONST_PERSISTENT);
+   REGISTER_LONG_CONSTANT(PASSWORD_SALT_BCRYPT, 
PHP_PASSWORD_SALT_BCRYPT, CONST_CS | CONST_PERSISTENT);
+
return SUCCESS;
 }
 /* }}} */
@@ -55,15 +59,18 @@ static long php_password_determine_algo(const char *hash, 
const int len)
return 0;
 }
 
-static int php_password_salt_is_alphabet(const char *str, const int len) /* 
{{{ */
+static int php_password_salt_is_alphabet(const char *str, const int len, const 
int salt_type) /* {{{ */
 {
int i = 0;
 
-   for (i = 0; i  len; i++) {
-   if (!((str[i] = 'A'  str[i] = 'Z') || (str[i] = 'a'  
str[i] = 'z') || (str[i] = '0'  str[i] = '9') || str[i] == '.' || str[i] 
== '/')) {
-   return 0;
+   if (salt_type == PHP_PASSWORD_SALT_BCRYPT) {
+   for (i = 0; i  len; i++) {
+   if (!((str[i] = 'A'  str[i] = 'Z') || (str[i] = 
'a'  str[i] = 'z') || (str[i] = '0'  str[i] = '9') || str[i] == '.' || 
str[i] == '/')) {
+   return 0;
+   }
}
}
+
return 1;
 }
 /* }}} */
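
Review bot: php_password_salt_is_alphabet() now returns 1 for every salt_type other than PHP_PASSWORD_SALT_BCRYPT, because the character loop is wrapped in `if (salt_type == PHP_PASSWORD_SALT_BCRYPT)` and everything else falls through to `return 1;`. An unknown or mistyped salt_type therefore validates any input. Handle PHP_PASSWORD_SALT_RAW explicitly and return 0 for anything else, so the check fails closed.
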
@@ -90,20 +97,23 @@ static int php_password_salt_to64(const char *str, const 
int str_len, const int
 
 #define PHP_PASSWORD_FUNCTION_EXISTS(func, func_len) 
(zend_hash_find(EG(function_table), (func), (func_len) + 1, (void **) 
func_ptr) == SUCCESS  func_ptr-type == ZEND_INTERNAL_FUNCTION  
func_ptr-internal_function.handler != zif_display_disabled_function)
 
-static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC) 
/* {{{ */
+static int php_password_make_salt(long length, int salt_type, char *ret 
TSRMLS_DC) /* {{{ */
 {
int buffer_valid = 0;
long i, raw_length;
char *buffer;
 
-   if (raw) {
+   if (salt_type == PHP_PASSWORD_SALT_RAW) {
raw_length = length;
-   } else {
+   } else if (salt_type == PHP_PASSWORD_SALT_BCRYPT) {
if (length  (LONG_MAX / 3)) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, Length is 
too large to safely generate);
return FAILURE;
}
raw_length = length * 3 / 4 + 1;
+   } else {
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown salt type 
paramter);
+   return FAILURE;
}
buffer = (char *) safe_emalloc(raw_length, 1, 1);
 
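
Review bot: The warning string added in the final else branch reads `Unknown salt type paramter`; it should be `parameter`, and any .phpt expectation that matches the message needs the same spelling. Separately, the `LONG_MAX / 3` guard sits only in the PHP_PASSWORD_SALT_BCRYPT branch and neither branch rejects a non-positive length before `safe_emalloc(raw_length, 1, 1)`, so the helper depends on every caller having validated length first.
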
@@ -140,9 +150,7 @@ static int php_password_make_salt(long length, int raw, 
char *ret TSRMLS_DC) /*
}
}
 
-   if (raw) {
-   memcpy(ret, buffer, length);
-   } else {
+   if (salt_type == PHP_PASSWORD_SALT_BCRYPT) {
char *result;
result = safe_emalloc(length, 1, 1); 
if (php_password_salt_to64(buffer, raw_length, length, result) 
== FAILURE) {
@@ -154,6 +162,9 @@ static int php_password_make_salt(long length, int raw, 
char *ret TSRMLS_DC) /*
memcpy(ret, result, length);
efree(result);
}
+   } else {
+   /* PHP_PASSWORD_SALT_RAW */
+   memcpy(ret, buffer, length);
}
efree(buffer);
ret[length] = 0;
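
Review bot: The added bare `else` is tied to PHP_PASSWORD_SALT_RAW only by its comment and is correct solely because unknown types were rejected earlier in the function. Writing it as `else if (salt_type == PHP_PASSWORD_SALT_RAW)` keeps the memcpy from running for a salt type that is later added to the validation above but not handled here.
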
@@ -266,14 +277,13 @@ PHP_FUNCTION(password_verify)
 }
 /* }}} */
 
-/* {{{ proto string password_make_salt(int length, boolean raw_output = false)
+/* {{{ proto string password_make_salt(int length, int salt_type = 
PASSWORD_SALT_BCRYPT)
 Make a new random salt */
 PHP_FUNCTION(password_make_salt)
 {
char *salt;
-   long length = 0;
-   zend_bool raw_output = 0;
-   if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, l|b, length, 
raw_output) == FAILURE) {
+   long length = 0, salt_type = 0;
+   if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, l|l, length, 
salt_type) == FAILURE) {
RETURN_NULL();
}
if (length = 0
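
Review bot: `long length = 0, salt_type = 0;` initialises salt_type to 0 while the updated proto documents the default as PASSWORD_SALT_BCRYPT. Initialise it to PHP_PASSWORD_SALT_BCRYPT directly, so that omitting the argument yields the documented default without depending on 0 never being a valid salt type value.
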

[PHP-CVS] com php-src: Merge remote branch 'upstream/master' into hash_password: ext/standard/basic_functions.c

2012-10-16 Thread Anthony Ferrara
Commit:99b7956ad58395853f7950ae01a43139413d348d
Author:Anthony Ferrara ircmax...@gmail.com Tue, 10 Jul 2012 
10:33:51 -0400
Parents:   9d3630b5dc8fa066dc4212ead2fffc8635f5bc0a 
b210766084cbd00b0e479d2800e1920271a3faba
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=99b7956ad58395853f7950ae01a43139413d348d

Log:
Merge remote branch 'upstream/master' into hash_password

* upstream/master: (34 commits)
  Fixed Bug #62500 (Segfault in DateInterval class when extended)
  Fixed test bug #62312 (warnings changed one more time)
  fix valgrind warning
  fix valgrind warning
  fixed #62433 test for win
  update NEWS
  Fixed bug #62499 (curl_setopt($ch, CURLOPT_COOKIEFILE, ) returns false)
  appease MSVC (doesnt like unary minus of unsigned ints)
  appease MSVC (doesnt like unary minus of unsigned ints)
  appease MSVC (doesnt like unary minus of unsigned ints)
  - Fixed bug #62507 (['REQUEST_TIME'] under mod_php5 returns miliseconds 
instead of seconds)
  Fixed Bug #62500 (Segfault in DateInterval class when extended)
  Added in NEWS and UPGRADING for feature 55218
  Fix two issues with run-tests.php
  Fix potential integer overflow in nl2br
  Fix potential integer overflow in bin2hex
  This wil be PHP 5.3.16
  Revert change 3f3ad30c50: There shouldn't be new features in 5.3, especially 
not if they aren't in 5.4, too.
  fix (signed) integer overflow (part of bug #52550
  fix (signed) integer overflow (part of bug #52550
  ...

Bugs:
https://bugs.php.net/62500
https://bugs.php.net/62312
https://bugs.php.net/62433
https://bugs.php.net/62499
https://bugs.php.net/62507
https://bugs.php.net/52550

Changed paths:
  MM  ext/standard/basic_functions.c


Diff:



--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP-CVS] com php-src: Cleanup whitespace issues: ext/standard/password.c

2012-10-16 Thread Anthony Ferrara
Commit:9d3630b5dc8fa066dc4212ead2fffc8635f5bc0a
Author:Anthony Ferrara ircmax...@gmail.com Thu, 5 Jul 2012 
17:58:19 -0400
Parents:   ee7e7998410c8fd5bd2183b1af375622f0ca8e02
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=9d3630b5dc8fa066dc4212ead2fffc8635f5bc0a

Log:
Cleanup whitespace issues

Changed paths:
  M  ext/standard/password.c


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 9be6f8c..2f1ebb5 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -168,9 +168,9 @@ PHP_FUNCTION(password_get_info)
char *hash;
zval *options;
 
-if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s, hash, 
hash_len) == FAILURE) {
-RETURN_NULL();
-}
+   if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s, hash, 
hash_len) == FAILURE) {
+   RETURN_NULL();
+   }
 
ALLOC_INIT_ZVAL(options);
array_init(options);
@@ -202,8 +202,8 @@ PHP_FUNCTION(password_needs_rehash)
zval **option_buffer;

if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, sl|H, hash, 
hash_len, new_algo, options) == FAILURE) {
-RETURN_NULL();
-}
+   RETURN_NULL();
+   }
algo = php_password_determine_algo(hash, hash_len);

if (algo != new_algo) {





[PHP-CVS] com php-src: Implement password_get_info() function: ext/standard/basic_functions.c ext/standard/password.c ext/standard/php_password.h

2012-10-16 Thread Anthony Ferrara
Commit:ee7e7998410c8fd5bd2183b1af375622f0ca8e02
Author:Anthony Ferrara ircmax...@gmail.com Thu, 5 Jul 2012 
17:46:33 -0400
Parents:   db86d54446c461eab518225645889abc509db034
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=ee7e7998410c8fd5bd2183b1af375622f0ca8e02

Log:
Implement password_get_info() function

Changed paths:
  M  ext/standard/basic_functions.c
  M  ext/standard/password.c
  M  ext/standard/php_password.h


Diff:
diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c
index bf6f9b0..e6500dd 100644
--- a/ext/standard/basic_functions.c
+++ b/ext/standard/basic_functions.c
@@ -1872,6 +1872,9 @@ ZEND_BEGIN_ARG_INFO_EX(arginfo_password_hash, 0, 0, 1)
ZEND_ARG_INFO(0, algo)
ZEND_ARG_INFO(0, options)
 ZEND_END_ARG_INFO()
+ZEND_BEGIN_ARG_INFO_EX(arginfo_password_get_info, 0, 0, 1)
+   ZEND_ARG_INFO(0, hash)
+ZEND_END_ARG_INFO()
 ZEND_BEGIN_ARG_INFO_EX(arginfo_password_needs_rehash, 0, 0, 1)
ZEND_ARG_INFO(0, hash)
ZEND_ARG_INFO(0, algo)
@@ -2901,6 +2904,7 @@ const zend_function_entry basic_functions[] = { /* {{{ */
PHP_FE(base64_encode,   
arginfo_base64_encode)
 
PHP_FE(password_hash,   
arginfo_password_hash)
+   PHP_FE(password_get_info,   
arginfo_password_get_info)
PHP_FE(password_needs_rehash,   
arginfo_password_needs_rehash)
PHP_FE(password_verify, 
arginfo_password_verify)
PHP_FE(password_make_salt,  
arginfo_password_make_salt)
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 6da656c..9be6f8c 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -161,6 +161,38 @@ static int php_password_make_salt(long length, int raw, 
char *ret TSRMLS_DC) /*
 }
 /* }}} */
 
+PHP_FUNCTION(password_get_info)
+{
+   long algo;
+   int hash_len;
+   char *hash;
+   zval *options;
+
+if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s, hash, 
hash_len) == FAILURE) {
+RETURN_NULL();
+}
+
+   ALLOC_INIT_ZVAL(options);
+   array_init(options);
+
+   algo = php_password_determine_algo(hash, hash_len);
+   
+   switch (algo) {
+   case PHP_PASSWORD_BCRYPT:
+   {
+   long cost = PHP_PASSWORD_BCRYPT_COST;
+   sscanf(hash, $2y$%ld$, cost);
+   add_assoc_long(options, cost, cost);
+   }
+   break;
+   }
+
+   array_init(return_value);
+   
+   add_assoc_long(return_value, algo, algo);
+   add_assoc_zval(return_value, options, options);   
+}
+
 PHP_FUNCTION(password_needs_rehash)
 {
long new_algo = 0, algo = 0;
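
Review bot: The sscanf() call in the PHP_PASSWORD_BCRYPT case ignores its return value, so when the cost field does not parse, `cost` keeps its initial PHP_PASSWORD_BCRYPT_COST and password_get_info() reports the compile-time default as if it had been read from the hash. Check that one field was converted and leave the cost out (or flag it) otherwise. The new function also lacks the `/* {{{ proto ... */` comment and fold markers that the neighbouring functions carry, and its zend_parse_parameters block is indented with spaces rather than tabs.
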
diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h
index 45e6849..90e4d89 100644
--- a/ext/standard/php_password.h
+++ b/ext/standard/php_password.h
@@ -25,6 +25,7 @@ PHP_FUNCTION(password_hash);
 PHP_FUNCTION(password_verify);
 PHP_FUNCTION(password_make_salt);
 PHP_FUNCTION(password_needs_rehash);
+PHP_FUNCTION(password_get_info);
 
 PHP_MINIT_FUNCTION(password);





[PHP-CVS] com php-src: Implement password_needs_rehash() function: ext/standard/basic_functions.c ext/standard/password.c ext/standard/php_password.h

2012-10-16 Thread Anthony Ferrara
Commit:5160dc11cd9d0e97eb59138f4639e5af0584f370
Author:Anthony Ferrara ircmax...@gmail.com Thu, 5 Jul 2012 
16:22:49 -0400
Parents:   886527de56ecdd412a80a2901b8a0e3b622f037c
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=5160dc11cd9d0e97eb59138f4639e5af0584f370

Log:
Implement password_needs_rehash() function

Changed paths:
  M  ext/standard/basic_functions.c
  M  ext/standard/password.c
  M  ext/standard/php_password.h


Diff:
diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c
index 9e35a5e..bf6f9b0 100644
--- a/ext/standard/basic_functions.c
+++ b/ext/standard/basic_functions.c
@@ -1872,6 +1872,11 @@ ZEND_BEGIN_ARG_INFO_EX(arginfo_password_hash, 0, 0, 1)
ZEND_ARG_INFO(0, algo)
ZEND_ARG_INFO(0, options)
 ZEND_END_ARG_INFO()
+ZEND_BEGIN_ARG_INFO_EX(arginfo_password_needs_rehash, 0, 0, 1)
+   ZEND_ARG_INFO(0, hash)
+   ZEND_ARG_INFO(0, algo)
+   ZEND_ARG_INFO(0, options)
+ZEND_END_ARG_INFO()
 ZEND_BEGIN_ARG_INFO_EX(arginfo_password_verify, 0, 0, 2)
ZEND_ARG_INFO(0, password)
ZEND_ARG_INFO(0, hash)
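
Review bot: arginfo_password_needs_rehash is declared with `ZEND_BEGIN_ARG_INFO_EX(arginfo_password_needs_rehash, 0, 0, 1)`, which states one required argument, but the implementation in password.c parses `sl|H`, making both hash and algo mandatory. Set the required count to 2 so reflection output matches what the function accepts.
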
@@ -2896,6 +2901,7 @@ const zend_function_entry basic_functions[] = { /* {{{ */
PHP_FE(base64_encode,   
arginfo_base64_encode)
 
PHP_FE(password_hash,   
arginfo_password_hash)
+   PHP_FE(password_needs_rehash,   
arginfo_password_needs_rehash)
PHP_FE(password_verify, 
arginfo_password_verify)
PHP_FE(password_make_salt,  
arginfo_password_make_salt)
 
diff --git a/ext/standard/password.c b/ext/standard/password.c
index eb4abd2..9bfb023 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -43,6 +43,18 @@ PHP_MINIT_FUNCTION(password) /* {{{ */
 }
 /* }}} */
 
+static long php_password_determine_algo(const char *hash, const int len) 
+{
+   if (len  3) {
+   return 0;
+   }
+   if (hash[0] == '$'  hash[1] == '2'  hash[2] == 'y'  len == 60) {
+   return PHP_PASSWORD_BCRYPT;
+   }
+
+   return 0;
+}
+
 static int php_password_salt_is_alphabet(const char *str, const int len) /* 
{{{ */
 {
int i = 0;
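
Review bot: php_password_determine_algo() classifies any 60-byte string that starts with `$2y` as bcrypt; it never looks at hash[3] or at the `$` after the cost digits, so malformed input is reported as PHP_PASSWORD_BCRYPT. Test `len == 60` first and then compare the full `$2y$` prefix. The bare `return 0;` for the unknown case would also read better as a named constant, so callers do not compare against a magic number.
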
@@ -149,6 +161,44 @@ static int php_password_make_salt(long length, int raw, 
char *ret TSRMLS_DC) /*
 }
 /* }}} */
 
+PHP_FUNCTION(password_needs_rehash)
+{
+   long new_algo = 0, algo = 0;
+   int hash_len;
+   char *hash;
+   HashTable *options = 0;
+   zval **option_buffer;
+   
+   if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, sl|H, hash, 
hash_len, new_algo, options) == FAILURE) {
+RETURN_NULL();
+}
+   algo = php_password_determine_algo(hash, hash_len);
+   
+   if (algo != new_algo) {
+   RETURN_TRUE;
+   }
+
+   switch (algo) {
+   case PHP_PASSWORD_BCRYPT:
+   {
+   int newCost = PHP_PASSWORD_BCRYPT_COST, cost = 
0;
+   
+   if (options  zend_symtable_find(options, 
cost, 5, (void **) option_buffer) == SUCCESS) {
+   convert_to_long_ex(option_buffer);
+   newCost = Z_LVAL_PP(option_buffer);
+   zval_ptr_dtor(option_buffer);
+   }
+
+   sscanf(hash, $2y$%d$, cost);
+   if (cost != newCost) {
+   RETURN_TRUE;
+   }
+   }
+   break;
+   }
+   RETURN_FALSE;
+}
+
 /* {{{ proto boolean password_make_salt(string password, string hash)
 Verify a hash created using crypt() or password_hash() */
 PHP_FUNCTION(password_verify)
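
Review bot: In the PHP_PASSWORD_BCRYPT case, `zval_ptr_dtor(option_buffer)` releases a zval that zend_symtable_find() only lent out: the lookup does not add a reference, so this drops a refcount owned by the caller's options array, and the `convert_to_long_ex(option_buffer)` before it converts the value stored in that array. Copy the option into a local zval, convert the copy, and destroy only the copy. The sscanf() result is also unchecked, so a hash whose cost does not parse leaves `cost` at 0 and the function always answers that a rehash is needed.
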
diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h
index 57c6b88..45e6849 100644
--- a/ext/standard/php_password.h
+++ b/ext/standard/php_password.h
@@ -24,6 +24,7 @@
 PHP_FUNCTION(password_hash);
 PHP_FUNCTION(password_verify);
 PHP_FUNCTION(password_make_salt);
+PHP_FUNCTION(password_needs_rehash);
 
 PHP_MINIT_FUNCTION(password);





[PHP-CVS] com php-src: Fix issue with int vs long parameter: ext/standard/password.c

2012-10-16 Thread Anthony Ferrara
Commit:db86d54446c461eab518225645889abc509db034
Author:Anthony Ferrara ircmax...@gmail.com Thu, 5 Jul 2012 
17:31:40 -0400
Parents:   5160dc11cd9d0e97eb59138f4639e5af0584f370
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=db86d54446c461eab518225645889abc509db034

Log:
Fix issue with int vs long parameter

Changed paths:
  M  ext/standard/password.c


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 9bfb023..6da656c 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -266,7 +266,8 @@ Hash a password */
 PHP_FUNCTION(password_hash)
 {
char *hash_format, *hash, *salt, *password, *result;
-   int algo = 0, salt_len = 0, required_salt_len = 0, hash_format_len, 
password_len;
+   long algo = 0;
+   int salt_len = 0, required_salt_len = 0, hash_format_len, password_len;
HashTable *options = 0;
zval **option_buffer;
 
@@ -297,7 +298,7 @@ PHP_FUNCTION(password_hash)
}
break;
default:
-   php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown 
password hashing algorithm: %d, algo);
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown 
password hashing algorithm: %ld, algo);
RETURN_NULL();
}





[PHP-CVS] com php-src: Update signature info for changing algo to an ordinal: ext/standard/password.c

2012-10-16 Thread Anthony Ferrara
Commit:886527de56ecdd412a80a2901b8a0e3b622f037c
Author:Anthony Ferrara ircmax...@ircmaxell.com Tue, 3 Jul 2012 
08:26:50 -0400
Parents:   6943f2ab7f729d26281f9358dba27890d07dd24d
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=886527de56ecdd412a80a2901b8a0e3b622f037c

Log:
Update signature info for changing algo to an ordinal

Changed paths:
  M  ext/standard/password.c


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 6de8120..eb4abd2 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -211,7 +211,7 @@ PHP_FUNCTION(password_make_salt)
 }
 /* }}} */
 
-/* {{{ proto string password_hash(string password, string algo, array options 
= array())
+/* {{{ proto string password_hash(string password, int algo, array options = 
array())
 Hash a password */
 PHP_FUNCTION(password_hash)
 {





[PHP-CVS] com php-src: Some more refactoring, make algo no longer optional: ext/standard/basic_functions.c ext/standard/password.c ext/standard/php_password.h ext/standard/tests/password/password_hash

2012-10-16 Thread Anthony Ferrara
Commit:6943f2ab7f729d26281f9358dba27890d07dd24d
Author:Anthony Ferrara ircmax...@ircmaxell.com Tue, 3 Jul 2012 
08:24:31 -0400
Parents:   6cc3c65fbf06da075934c89e470fa776d4d968fa
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=6943f2ab7f729d26281f9358dba27890d07dd24d

Log:
Some more refactoring, make algo no longer optional

Changed paths:
  M  ext/standard/basic_functions.c
  M  ext/standard/password.c
  M  ext/standard/php_password.h
  M  ext/standard/tests/password/password_hash.phpt
  M  ext/standard/tests/password/password_hash_error.phpt


Diff:
diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c
index 5dc86ab..9e35a5e 100644
--- a/ext/standard/basic_functions.c
+++ b/ext/standard/basic_functions.c
@@ -3846,7 +3846,6 @@ PHP_MINFO_FUNCTION(basic) /* {{{ */
php_info_print_table_start();
BASIC_MINFO_SUBMODULE(dl)
BASIC_MINFO_SUBMODULE(mail)
-   BASIC_MINFO_SUBMODULE(password)
php_info_print_table_end();
BASIC_MINFO_SUBMODULE(assert)
 }
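
Review bot: The only basic_functions.c hunk in this commit drops BASIC_MINFO_SUBMODULE(password); arginfo_password_hash is not touched, although password.c now parses `sl|H` and algo has become mandatory. If that arginfo still declares one required argument, raise it to 2 in the same commit so reflection matches the new signature.
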
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 9c03152..6de8120 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -37,8 +37,8 @@
 
 PHP_MINIT_FUNCTION(password) /* {{{ */
 {
-   REGISTER_STRING_CONSTANT(PASSWORD_DEFAULT, PHP_PASSWORD_DEFAULT, 
CONST_CS | CONST_PERSISTENT);
-   REGISTER_STRING_CONSTANT(PASSWORD_BCRYPT, PHP_PASSWORD_BCRYPT, 
CONST_CS | CONST_PERSISTENT);
+   REGISTER_LONG_CONSTANT(PASSWORD_DEFAULT, PHP_PASSWORD_DEFAULT, 
CONST_CS | CONST_PERSISTENT);
+   REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT, PHP_PASSWORD_BCRYPT, CONST_CS 
| CONST_PERSISTENT);
return SUCCESS;
 }
 /* }}} */
@@ -211,45 +211,44 @@ PHP_FUNCTION(password_make_salt)
 }
 /* }}} */
 
-/* {{{ proto string password_hash(string password, string algo = 
PASSWORD_DEFAULT, array options = array())
+/* {{{ proto string password_hash(string password, string algo, array options 
= array())
 Hash a password */
 PHP_FUNCTION(password_hash)
 {
-   char *algo = 0, *hash_format, *hash, *salt, *password, *result;
-   int algo_len = 0, salt_len = 0, required_salt_len = 0, hash_format_len, 
password_len;
+   char *hash_format, *hash, *salt, *password, *result;
+   int algo = 0, salt_len = 0, required_salt_len = 0, hash_format_len, 
password_len;
HashTable *options = 0;
zval **option_buffer;
 
-   if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s|sH, password, 
password_len, algo, algo_len, options) == FAILURE) {
+   if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, sl|H, password, 
password_len, algo, options) == FAILURE) {
RETURN_NULL();
}
 
-   if (algo_len == 0) {
-   algo = PHP_PASSWORD_DEFAULT;
-   algo_len = strlen(PHP_PASSWORD_DEFAULT);
-   }
-
-   if (strcmp(algo, PHP_PASSWORD_BCRYPT) == 0) {
-   int cost = PHP_PASSWORD_BCRYPT_COST;
-
-   if (options  zend_symtable_find(options, cost, 5, (void **) 
option_buffer) == SUCCESS) {
-   convert_to_long_ex(option_buffer);
-   cost = Z_LVAL_PP(option_buffer);
-   zval_ptr_dtor(option_buffer);
+   switch (algo) {
+   case PHP_PASSWORD_BCRYPT:
+   {
+   int cost = PHP_PASSWORD_BCRYPT_COST;
+   
+   if (options  zend_symtable_find(options, cost, 5, 
(void **) option_buffer) == SUCCESS) {
+   convert_to_long_ex(option_buffer);
+   cost = Z_LVAL_PP(option_buffer);
+   zval_ptr_dtor(option_buffer);
+   }
+   
+   if (cost  4 || cost  31) {
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, 
Invalid bcrypt cost parameter specified: %d, cost);
+   RETURN_NULL();
+   }
+   
+   required_salt_len = 22;
+   hash_format = emalloc(8);
+   sprintf(hash_format, $2y$%02d$, cost);
+   hash_format_len = 7;
}
-
-   if (cost  4 || cost  31) {
-   php_error_docref(NULL TSRMLS_CC, E_WARNING, Invalid 
bcrypt cost parameter specified: %d, cost);
+   break;
+   default:
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown 
password hashing algorithm: %d, algo);
RETURN_NULL();
-   }
-   
-   required_salt_len = 22;
-   hash_format = emalloc(8);
-   sprintf(hash_format, $2y$%02d$, cost);
-   hash_format_len = 7;
-   } else {
-   php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown password 
hashing algorithm: %s, algo);
-   RETURN_NULL
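
Review bot: In the PHP_PASSWORD_BCRYPT case, `cost` is declared `int` but assigned from `Z_LVAL_PP(option_buffer)`, which is a long, so on platforms where long is wider than int an out-of-range option is truncated before the 4 to 31 range check and can pass it. Read the option into a long, range-check that, and narrow afterwards. The `emalloc(8)` for hash_format is exactly large enough only because of that range check, so snprintf with the buffer size would make the bound explicit.
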

[PHP-CVS] com php-src: Remove php.ini setting for default bcrypt cost: ext/standard/password.c ext/standard/php_password.h ext/standard/tests/password/password_hash.phpt php.ini-development php.ini-pr

2012-10-16 Thread Anthony Ferrara
Commit:6cc3c65fbf06da075934c89e470fa776d4d968fa
Author:Anthony Ferrara ircmax...@ircmaxell.com Tue, 3 Jul 2012 
07:33:55 -0400
Parents:   f53112fdcf746ef73660059e72f8798d0108acac
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=6cc3c65fbf06da075934c89e470fa776d4d968fa

Log:
Remove php.ini setting for default bcrypt cost

Changed paths:
  M  ext/standard/password.c
  M  ext/standard/php_password.h
  M  ext/standard/tests/password/password_hash.phpt
  M  php.ini-development
  M  php.ini-production


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 558cf24..9c03152 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -43,12 +43,6 @@ PHP_MINIT_FUNCTION(password) /* {{{ */
 }
 /* }}} */
 
-PHP_MINFO_FUNCTION(password) /* {{{ */
-{
-   php_info_print_table_row(2, Default Password BCrypt Cost, 
INI_STR(password.bcrypt_cost));
-}
-/* }}} */
-
 static int php_password_salt_is_alphabet(const char *str, const int len) /* 
{{{ */
 {
int i = 0;
@@ -236,8 +230,7 @@ PHP_FUNCTION(password_hash)
}
 
if (strcmp(algo, PHP_PASSWORD_BCRYPT) == 0) {
-   int cost = 0;
-   cost = (int) INI_INT(password.bcrypt_cost);
+   int cost = PHP_PASSWORD_BCRYPT_COST;
 
if (options  zend_symtable_find(options, cost, 5, (void **) 
option_buffer) == SUCCESS) {
convert_to_long_ex(option_buffer);
diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h
index 81fe41f..338665e 100644
--- a/ext/standard/php_password.h
+++ b/ext/standard/php_password.h
@@ -26,11 +26,12 @@ PHP_FUNCTION(password_verify);
 PHP_FUNCTION(password_make_salt);
 
 PHP_MINIT_FUNCTION(password);
-PHP_MINFO_FUNCTION(password);
 
 #define PHP_PASSWORD_DEFAULT   2y
 #define PHP_PASSWORD_BCRYPT2y
 
+#define PHP_PASSWORD_BCRYPT_COST 10
+
 #endif
 
 
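
Review bot: `#define PHP_PASSWORD_BCRYPT_COST 10` fixes the compile-time default at 10, while the php.ini text removed in this same commit documented the default as 11. Confirm that the lower value is intended and state it in the commit message; the updated password_hash.phpt expectation with its `$2y$10$` prefix locks in whichever value is chosen.
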
diff --git a/ext/standard/tests/password/password_hash.phpt 
b/ext/standard/tests/password/password_hash.phpt
index 2fca8b7..3b6fc09 100644
--- a/ext/standard/tests/password/password_hash.phpt
+++ b/ext/standard/tests/password/password_hash.phpt
@@ -4,9 +4,6 @@ Test normal operation of password_hash()
 ?php
 //-=-=-=-
 
-// Set the cost low so the test is fast
-ini_set('password.bcrypt_cost', '4');
-
 var_dump(strlen(password_hash(foo)));
 
 $hash = password_hash(foo);
@@ -17,17 +14,12 @@ var_dump(password_hash(rasmuslerdorf, PASSWORD_BCRYPT, 
array(cost = 7, sal
 
 var_dump(password_hash(test, PASSWORD_BCRYPT, array(salt = 
123456789012345678901 . chr(0;
 
-// test ini parameter to ensure that it updates
-ini_set('password.bcrypt_cost', '5');
-var_dump(password_hash(test, PASSWORD_BCRYPT, array(salt = 
123456789012345678901 . chr(0;
-
-
 echo OK!;
 ?
 --EXPECT--
 int(60)
 bool(true)
 string(60) $2y$07$usesomesillystringfore2uDLvp1Ii2e./U9C8sBjqp8I90dH6hi
-string(60) $2y$04$MTIzNDU2Nzg5MDEyMzQ1NekACxf2CF7ipfk/b9FllU9Fs8RcUm5UG
-string(60) $2y$05$MTIzNDU2Nzg5MDEyMzQ1NeVt1jFvl6ZQVujUMmcYvue.Mr5oZVQa2
+string(60) $2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y
 OK!
+
diff --git a/php.ini-development b/php.ini-development
index 5f1205e..a5a7a4a 100644
--- a/php.ini-development
+++ b/php.ini-development
@@ -1359,15 +1359,6 @@ bcmath.scale = 0
 ; http://php.net/browscap
 ;browscap = extra/browscap.ini
 
-[password]
-; The default cost of a bcrypt hash created using password_hash()
-; Note that this is only the default, and can be overriden by the
-; options argument to password_hash(). Additionally, it only affects
-; newly created hashes. A higher value will make the generated
-; hash more resistent to brute forcing, but will also use more CPU
-; Default: 11
-; password.bcrypt_cost = 11
-
 [Session]
 ; Handler used to store/retrieve data.
 ; http://php.net/session.save-handler
diff --git a/php.ini-production b/php.ini-production
index 927f305..5d8f26e 100644
--- a/php.ini-production
+++ b/php.ini-production
@@ -1359,15 +1359,6 @@ bcmath.scale = 0
 ; http://php.net/browscap
 ;browscap = extra/browscap.ini
 
-[password]
-; The default cost of a bcrypt hash created using password_hash()
-; Note that this is only the default, and can be overriden by the
-; options argument to password_hash(). Additionally, it only affects
-; newly created hashes. A higher value will make the generated
-; hash more resistent to brute forcing, but will also use more CPU
-; Default: 11
-; password.bcrypt_cost = 11
-
 [Session]
 ; Handler used to store/retrieve data.
 ; http://php.net/session.save-handler





[PHP-CVS] com php-src: Update password.c to use safe_emalloc in sensitive places: ext/standard/password.c

2012-10-16 Thread Anthony Ferrara
Commit:f53112fdcf746ef73660059e72f8798d0108acac
Author:Anthony Ferrara ircmax...@gmail.com Fri, 29 Jun 2012 
11:37:39 -0400
Parents:   9c1445c6bcee99dbe1eeb9eb8eb6cd626ca72a9c
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=f53112fdcf746ef73660059e72f8798d0108acac

Log:
Update password.c to use safe_emalloc in sensitive places

Changed paths:
  M  ext/standard/password.c


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 982ae7d..558cf24 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -99,7 +99,7 @@ static int php_password_make_salt(long length, int raw, char 
*ret TSRMLS_DC) /*
}
raw_length = length * 3 / 4 + 1;
}
-   buffer = (char *) emalloc(raw_length + 1);
+   buffer = (char *) safe_emalloc(raw_length, 1, 1);
 
 #if PHP_WIN32
{
@@ -138,7 +138,7 @@ static int php_password_make_salt(long length, int raw, 
char *ret TSRMLS_DC) /*
memcpy(ret, buffer, length);
} else {
char *result;
-   result = emalloc(length + 1); 
+   result = safe_emalloc(length, 1, 1); 
if (php_password_salt_to64(buffer, raw_length, length, result) 
== FAILURE) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, Generated 
salt too short);
efree(buffer);
@@ -208,7 +208,7 @@ PHP_FUNCTION(password_make_salt)
RETURN_NULL();
}
 
-   salt = emalloc(length + 1);
+   salt = safe_emalloc(length, 1, 1);
if (php_password_make_salt(length, (int) raw_output, salt TSRMLS_CC) == 
FAILURE) {
efree(salt);
RETURN_FALSE;
@@ -316,7 +316,7 @@ PHP_FUNCTION(password_hash)

salt[salt_len] = 0;
 
-   hash = emalloc(salt_len + hash_format_len + 1);
+   hash = safe_emalloc(salt_len + hash_format_len, 1, 1);
sprintf(hash, %s%s, hash_format, salt);
hash[hash_format_len + salt_len] = 0;





[PHP-CVS] com php-src: More refactoring of crypt into php_crypt, and fixing memory allocation: ext/standard/crypt.c ext/standard/password.c ext/standard/php_crypt.h

2012-10-16 Thread Anthony Ferrara
Commit:9c1445c6bcee99dbe1eeb9eb8eb6cd626ca72a9c
Author:Anthony Ferrara ircmax...@gmail.com Fri, 29 Jun 2012 
11:32:25 -0400
Parents:   9e18e578f0e7f30c2d73ae38620b5fd228ac21eb
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=9c1445c6bcee99dbe1eeb9eb8eb6cd626ca72a9c

Log:
More refactoring of crypt into php_crypt, and fixing memory allocation

Changed paths:
  M  ext/standard/crypt.c
  M  ext/standard/password.c
  M  ext/standard/php_crypt.h


Diff:
diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c
index 25f5ec0..3b443fc 100644
--- a/ext/standard/crypt.c
+++ b/ext/standard/crypt.c
@@ -145,7 +145,7 @@ static void php_to64(char *s, long v, int n) /* {{{ */
 }
 /* }}} */
 
-PHPAPI int crypt_execute(const char *password, const int pass_len, const char 
*salt, int salt_len, char **result)
+PHPAPI int php_crypt(const char *password, const int pass_len, const char 
*salt, int salt_len, char **result)
 {
char *crypt_res;
 /* Windows (win32/crypt) has a stripped down version of libxcrypt and 
@@ -159,46 +159,38 @@ PHPAPI int crypt_execute(const char *password, const int 
pass_len, const char *s
 
out = php_md5_crypt_r(password, salt, output);
if (out) {
-   *result = (char *) emalloc(MD5_HASH_MAX_LEN + 
1);
-   memcpy(*result, out, MD5_HASH_MAX_LEN);
-   *result[MD5_HASH_MAX_LEN] = 0;
+   *result = estrdup(out);
return SUCCESS;
}
return FAILURE;
} else if (salt[0]=='$'  salt[1]=='6'  salt[2]=='$') {
-   const char sha512_salt_prefix[] = $6$;
-   const char sha512_rounds_prefix[] = rounds=;
char *output;
-   int needed = (sizeof(sha512_salt_prefix) - 1
-   + sizeof(sha512_rounds_prefix) 
+ 9 + 1
-   + salt_in_len + 1 + 86 + 1);
-   output = emalloc(needed);
+   output = emalloc(PHP_MAX_SALT_LEN);
 
-   crypt_res = php_sha512_crypt_r(password, salt, output, 
needed);
+   crypt_res = php_sha512_crypt_r(password, salt, output, 
PHP_MAX_SALT_LEN);
if (!crypt_res) {
-   memset(output, 0, needed);
+   memset(output, 0, PHP_MAX_SALT_LEN);
efree(output);
return FAILURE;
} else {
-   *result = output;
+   *result = estrdup(output);
+   memset(output, 0, PHP_MAX_SALT_LEN);
+   efree(output);
return SUCCESS;
}
} else if (salt[0]=='$'  salt[1]=='5'  salt[2]=='$') {
-   const char sha256_salt_prefix[] = $5$;
-   const char sha256_rounds_prefix[] = rounds=;
char *output;
-   int needed = (sizeof(sha256_salt_prefix) - 1
-   + sizeof(sha256_rounds_prefix) 
+ 9 + 1
-   + salt_in_len + 1 + 43 + 1);
-   output = emalloc(needed);
+   output = emalloc(PHP_MAX_SALT_LEN);
 
-   crypt_res = php_sha256_crypt_r(password, salt, output, 
needed);
+   crypt_res = php_sha256_crypt_r(password, salt, output, 
PHP_MAX_SALT_LEN);
if (!crypt_res) {
-   memset(output, 0, needed);
+   memset(output, 0, PHP_MAX_SALT_LEN);
efree(output);
return FAILURE;
} else {
-   *result = output;
+   *result = estrdup(output);
+   memset(output, 0, PHP_MAX_SALT_LEN);
+   efree(output);
return SUCCESS;
}
} else if (
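
Review bot: Both SHA branches now size the output buffer with PHP_MAX_SALT_LEN, a salt-length constant, where the removed code computed `needed` from the prefix, the rounds field, salt_in_len and the digest length (86 or 43). Confirm that PHP_MAX_SALT_LEN is at least as long as the longest string php_sha512_crypt_r() and php_sha256_crypt_r() can produce, or introduce a separate output-size constant, since an undersized buffer turns valid salts into FAILURE. In the MD5 branch, replacing the manual copy with `estrdup(out)` also gets rid of `*result[MD5_HASH_MAX_LEN] = 0;`, which indexed result before dereferencing it.
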
@@ -218,11 +210,7 @@ PHPAPI int crypt_execute(const char *password, const int 
pass_len, const char *s
memset(output, 0, PHP_MAX_SALT_LEN + 1);
return FAILURE;
} else {
-   int result_len;
-   result_len = strlen(output);
-   *result = emalloc(result_len + 1);
-   memcpy(*result, output, result_len);
-   (*result)[result_len] = 0

[PHP-CVS] com php-src: Refactor password.c a bit, add different error checking: ext/standard/password.c ext/standard/tests/password/password_bcrypt_errors.phpt ext/standard/tests/password/password_has

2012-10-16 Thread Anthony Ferrara
Commit:da3d8bf514e61a486065b0bf335b4657f20e6b66
Author:Anthony Ferrara ircmax...@gmail.com Thu, 28 Jun 2012 
15:29:40 -0400
Parents:   6bb3865a235d437d91df1940b0caad6995b69d4c
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=da3d8bf514e61a486065b0bf335b4657f20e6b66

Log:
Refactor password.c a bit, add different error checking

Changed paths:
  M  ext/standard/password.c
  M  ext/standard/tests/password/password_bcrypt_errors.phpt
  M  ext/standard/tests/password/password_hash_error.phpt
  M  ext/standard/tests/password/password_make_salt_error.phpt

diff --git a/ext/standard/password.c b/ext/standard/password.c
index e0e260a..dfe624d 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -21,10 +21,12 @@
 #include stdlib.h
 
 #include php.h
+#if HAVE_CRYPT
 
 #include fcntl.h
 #include php_password.h
 #include php_rand.h
+#include php_crypt.h
 #include base64.h
 #include zend_interfaces.h
 #include info.h
@@ -157,28 +159,19 @@ static int php_password_make_salt(long length, int raw, 
char *ret TSRMLS_DC) /*
 Verify a hash created using crypt() or password_hash() */
 PHP_FUNCTION(password_verify)
 {
-   zval *password, *hash, *ret;
int status = 0, i;
-   zend_function *func_ptr;
-
-   if (!PHP_PASSWORD_FUNCTION_EXISTS(crypt, 5)) {
-   php_error_docref(NULL TSRMLS_CC, E_WARNING, Crypt must be 
loaded for password_verify to function);
-   RETURN_FALSE;
-   }
-
-   if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, zz, password, 
hash) == FAILURE) {
+   int password_len, hash_len;
+   char *ret, *password, *hash;
+   
+   if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, ss, password, 
password_len, hash, hash_len) == FAILURE) {
RETURN_FALSE;
}
-
-   zend_call_method_with_2_params(NULL, NULL, NULL, crypt, ret, 
password, hash);
-   
-   if (Z_TYPE_P(ret) != IS_STRING) {
-   zval_ptr_dtor(ret);
+   if (crypt_execute(password, password_len, hash, hash_len, ret) == 
FAILURE) {
RETURN_FALSE;
}
 
-   if (Z_STRLEN_P(ret) != Z_STRLEN_P(hash)) {
-   zval_ptr_dtor(ret);
+   if (strlen(ret) != hash_len) {
+   efree(ret);
RETURN_FALSE;
}

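Review bot: `strlen(ret) != hash_len` compares a size_t with an int, and it measures the computed hash up to its first NUL while `hash_len` is the binary-safe length from the parameter parser. Cast explicitly and add a comment saying how a supplied hash that contains a NUL byte is meant to be handled. `char *ret` is also declared without an initialiser before it is handed to crypt_execute; initialising it to NULL costs nothing.
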
@@ -186,11 +179,11 @@ PHP_FUNCTION(password_verify)
 * resistence towards timing attacks. This is a constant time
 * equality check that will always check every byte of both
 * values. */
-   for (i = 0; i  Z_STRLEN_P(ret); i++) {
-   status |= (Z_STRVAL_P(ret)[i] ^ Z_STRVAL_P(hash)[i]);
+   for (i = 0; i  hash_len; i++) {
+   status |= (ret[i] ^ hash[i]);
}
 
-   zval_ptr_dtor(ret);
+   efree(ret);
 
RETURN_BOOL(status == 0);

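Review bot: the loop bound is now `hash_len` while the body still indexes `ret[i]`, which stays in bounds only because of the length comparison and early return in the previous hunk. Say so in the comment above the loop, or iterate over a local length taken from `ret`, so that a later reordering of the checks cannot turn this into an out-of-bounds read.
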
@@ -205,14 +198,14 @@ PHP_FUNCTION(password_make_salt)
long length = 0;
zend_bool raw_output = 0;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, l|b, length, 
raw_output) == FAILURE) {
-   RETURN_FALSE;
+   RETURN_NULL();
}
if (length = 0) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, Length cannot be 
less than or equal zero: %ld, length);
-   RETURN_FALSE;
+   RETURN_NULL();
} else if (length  (LONG_MAX / 3)) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, Length is too 
large to safely generate);
-   RETURN_FALSE;
+   RETURN_NULL();
}
 
salt = emalloc(length + 1);
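
Review bot: all three failure paths now return NULL, but only the first is a parameter-parsing failure; the two range checks on `length` are value errors that already raise their own warning. Either keep RETURN_FALSE for the value errors or state the new return value in the proto comment for password_make_salt, since callers that test for `=== false` stop detecting these cases after this change.
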
@@ -228,24 +221,13 @@ PHP_FUNCTION(password_make_salt)
 Hash a password */
 PHP_FUNCTION(password_hash)
 {
-   char *algo = 0, *hash_format, *hash, *salt;
-   int algo_len = 0, salt_len = 0, required_salt_len = 0, hash_format_len;
+   char *algo = 0, *hash_format, *hash, *salt, *password, *result;
+   int algo_len = 0, salt_len = 0, required_salt_len = 0, hash_format_len, 
password_len;
HashTable *options = 0;
-   zval **option_buffer, *ret, *password, *hash_zval;
-   zend_function *func_ptr;
-
-   if (!PHP_PASSWORD_FUNCTION_EXISTS(crypt, 5)) {
-   php_error_docref(NULL TSRMLS_CC, E_WARNING, Crypt must be 
loaded for password_hash to function);
-   RETURN_FALSE;
-   }
-
-   if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, z|sH, password, 
algo, algo_len, options) == FAILURE) {
-   RETURN_FALSE;
-   }
+   zval **option_buffer;
 
-   if (Z_TYPE_P(password) != IS_STRING) {
-   php_error_docref(NULL TSRMLS_CC, E_WARNING, Password must be a 
string);
-   RETURN_FALSE;
+   if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s|sH, password, 
password_len, algo, algo_len, options) == FAILURE) {
+   RETURN_NULL();
}
 
if (algo_len == 0) {
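
Review bot: switching the format from `z|sH` to `s|sH` and deleting the `IS_STRING` test means a non-string scalar password is now converted to a string instead of being rejected with the "Password must be a string" warning. If that is intended, say so in the log and the proto comment. The parse-failure path also changes from RETURN_FALSE to RETURN_NULL() while other failure paths in this function return false, so the function now has two failure values that callers must check for.
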
@@ -265,7 +247,7 @@ PHP_FUNCTION(password_hash)
 
if (cost  4 || cost  31

[PHP-CVS] com php-src: Refactor crypt to use an external working function: ext/standard/crypt.c ext/standard/php_crypt.h

2012-10-16 Thread Anthony Ferrara
Commit:6bb3865a235d437d91df1940b0caad6995b69d4c
Author:Anthony Ferrara ircmax...@gmail.com Thu, 28 Jun 2012 
14:44:04 -0400
Parents:   0dd2f16b148f4054d65645b9cf971fe08824d78d
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=6bb3865a235d437d91df1940b0caad6995b69d4c

Log:
Refactor crypt to use an external working function

Changed paths:
  M  ext/standard/crypt.c
  M  ext/standard/php_crypt.h


Diff:
diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c
index 9a1fcf1..a592a4b 100644
--- a/ext/standard/crypt.c
+++ b/ext/standard/crypt.c
@@ -145,44 +145,9 @@ static void php_to64(char *s, long v, int n) /* {{{ */
 }
 /* }}} */
 
-/* {{{ proto string crypt(string str [, string salt])
-   Hash a string */
-PHP_FUNCTION(crypt)
+PHPAPI int crypt_execute(const char *password, const int pass_len, const char 
*salt, int salt_len, char **result)
 {
-   char salt[PHP_MAX_SALT_LEN + 1];
-   char *str, *salt_in = NULL;
-   int str_len, salt_in_len = 0;
char *crypt_res;
-   salt[0] = salt[PHP_MAX_SALT_LEN] = '\0';
-
-   /* This will produce suitable results if people depend on DES-encryption
-* available (passing always 2-character salt). At least for glibc6.1 */
-   memset(salt[1], '$', PHP_MAX_SALT_LEN - 1);
-
-   if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s|s, str, 
str_len, salt_in, salt_in_len) == FAILURE) {
-   return;
-   }
-
-   if (salt_in) {
-   memcpy(salt, salt_in, MIN(PHP_MAX_SALT_LEN, salt_in_len));
-   }
-
-   /* The automatic salt generation covers standard DES, md5-crypt and 
Blowfish (simple) */
-   if (!*salt) {
-#if PHP_MD5_CRYPT
-   strncpy(salt, $1$, PHP_MAX_SALT_LEN);
-   php_to64(salt[3], PHP_CRYPT_RAND, 4);
-   php_to64(salt[7], PHP_CRYPT_RAND, 4);
-   strncpy(salt[11], $, PHP_MAX_SALT_LEN - 11);
-#elif PHP_STD_DES_CRYPT
-   php_to64(salt[0], PHP_CRYPT_RAND, 2);
-   salt[2] = '\0';
-#endif
-   salt_in_len = strlen(salt);
-   } else {
-   salt_in_len = MIN(PHP_MAX_SALT_LEN, salt_in_len);
-   }
-
 /* Windows (win32/crypt) has a stripped down version of libxcrypt and 
a CryptoApi md5_crypt implementation */
 #if PHP_USE_PHP_CRYPT_R
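
Review bot: the new `PHPAPI int crypt_execute(...)` drops the `{{{ proto` comment of the function it replaces and gets no comment of its own, while the removed body was the code that copied the salt into a bounded, NUL-terminated local buffer. Document the contract at the definition: that `salt` must be NUL-terminated, whether `salt_len` and `pass_len` are honoured, and that on SUCCESS the caller owns `*result` and must efree it.
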
@@ -190,55 +155,52 @@ PHP_FUNCTION(crypt)
struct php_crypt_extended_data buffer;
 
if (salt[0]=='$'  salt[1]=='1'  salt[2]=='$') {
-   char output[MD5_HASH_MAX_LEN];
-
-   RETURN_STRING(php_md5_crypt_r(str, salt, output), 1);
+   char output[MD5_HASH_MAX_LEN], *out;
+
+   out = php_md5_crypt_r(password, salt, output);
+   if (out) {
+   *result = (char *) emalloc(MD5_HASH_MAX_LEN + 
1);
+   memcpy(*result, out, MD5_HASH_MAX_LEN);
+   *result[MD5_HASH_MAX_LEN] = 0;
+   return SUCCESS;
+   }
+   return FAILURE;
} else if (salt[0]=='$'  salt[1]=='6'  salt[2]=='$') {
const char sha512_salt_prefix[] = $6$;
const char sha512_rounds_prefix[] = rounds=;
char *output;
int needed = (sizeof(sha512_salt_prefix) - 1
+ sizeof(sha512_rounds_prefix) 
+ 9 + 1
-   + strlen(salt) + 1 + 43 + 1);
+   + PHP_MAX_SALT_LEN + 43 + 1);
output = emalloc(needed);
-   salt[salt_in_len] = '\0';
 
-   crypt_res = php_sha512_crypt_r(str, salt, output, 
needed);
+   crypt_res = php_sha512_crypt_r(password, salt, output, 
needed);
if (!crypt_res) {
-   if (salt[0]=='*'  salt[1]=='0') {
-   RETVAL_STRING(*1, 1);
-   } else {
-   RETVAL_STRING(*0, 1);
-   }
+   memset(output, 0, needed);
+   efree(output);
+   return FAILURE;
} else {
-   RETVAL_STRING(output, 1);
+   *result = output;
+   return SUCCESS;
}
-
-   memset(output, 0, PHP_MAX_SALT_LEN + 1);
-   efree(output);
} else if (salt[0]=='$'  salt[1]=='5'  salt[2]=='$') {
const char sha256_salt_prefix[] = $5$;
const char sha256_rounds_prefix[] = rounds=;
char *output
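
Review bot: `*result[MD5_HASH_MAX_LEN] = 0;` in the `$1$` branch parses as `*(result[MD5_HASH_MAX_LEN])`, so it indexes the `char **` argument rather than the buffer that was just allocated; it needs to be `(*result)[MD5_HASH_MAX_LEN] = 0;`. In the `$6$` branch the size still ends in `+ 43 + 1`: 43 is the length of an encoded SHA-256 digest, an encoded SHA-512 digest is 86 characters, so `needed` should use 86 there instead of leaning on slack elsewhere in the sum. The SUCCESS path now hands `output` to the caller through `*result`; that ownership transfer should be stated in a comment.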

[PHP-CVS] com php-src: Fix formatting issues in password.c: ext/standard/password.c

2012-10-16 Thread Anthony Ferrara
Commit:0dd2f16b148f4054d65645b9cf971fe08824d78d
Author:Anthony Ferrara ircmax...@gmail.com Wed, 27 Jun 2012 
11:04:41 -0400
Parents:   5f44be03af7733c2618d980e77426572fb0148df
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=0dd2f16b148f4054d65645b9cf971fe08824d78d

Log:
Fix formatting issues in password.c

Changed paths:
  M  ext/standard/password.c

diff --git a/ext/standard/password.c b/ext/standard/password.c
index ab115af..e0e260a 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -33,8 +33,6 @@
 #include win32/winutil.h
 #endif
 
-
-
 PHP_MINIT_FUNCTION(password) /* {{{ */
 {
REGISTER_STRING_CONSTANT(PASSWORD_DEFAULT, PHP_PASSWORD_DEFAULT, 
CONST_CS | CONST_PERSISTENT);
@@ -49,40 +47,42 @@ PHP_MINFO_FUNCTION(password) /* {{{ */
 }
 /* }}} */
 
-static int php_password_salt_is_alphabet(const char *str, const int len)
+static int php_password_salt_is_alphabet(const char *str, const int len) /* 
{{{ */
 {
-int i = 0;
-
-for (i = 0; i  len; i++) {
-if (!((str[i] = 'A'  str[i] = 'Z') || (str[i] = 'a'  
str[i] = 'z') || (str[i] = '0'  str[i] = '9') || str[i] == '.' || str[i] 
== '/')) {
-return 0;
-}
-}
-return 1;
+   int i = 0;
+
+   for (i = 0; i  len; i++) {
+   if (!((str[i] = 'A'  str[i] = 'Z') || (str[i] = 'a'  
str[i] = 'z') || (str[i] = '0'  str[i] = '9') || str[i] == '.' || str[i] 
== '/')) {
+   return 0;
+   }
+   }
+   return 1;
 }
+/* }}} */
 
-static int php_password_salt_to64(const char *str, const int str_len, const 
int out_len, char *ret)
+static int php_password_salt_to64(const char *str, const int str_len, const 
int out_len, char *ret) /* {{{ */
 {
-int pos = 0;
+   int pos = 0;
unsigned char *buffer;
-buffer = php_base64_encode((unsigned char*) str, str_len, NULL);
-for (pos = 0; pos  out_len; pos++) {
-if (buffer[pos] == '+') {
-ret[pos] = '.';
+   buffer = php_base64_encode((unsigned char*) str, str_len, NULL);
+   for (pos = 0; pos  out_len; pos++) {
+   if (buffer[pos] == '+') {
+   ret[pos] = '.';
} else if (buffer[pos] == '=') {
efree(buffer);
return FAILURE;
-} else {
+   } else {
ret[pos] = buffer[pos];
}
-}
+   }
efree(buffer);
return SUCCESS;
 }
+/* }}} */
 
 #define PHP_PASSWORD_FUNCTION_EXISTS(func, func_len) 
(zend_hash_find(EG(function_table), (func), (func_len) + 1, (void **) 
func_ptr) == SUCCESS  func_ptr-type == ZEND_INTERNAL_FUNCTION  
func_ptr-internal_function.handler != zif_display_disabled_function)
 
-static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC)
+static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC) 
/* {{{ */
 {
int buffer_valid = 0;
long i, raw_length;
@@ -131,7 +131,6 @@ static int php_password_make_salt(long length, int raw, 
char *ret TSRMLS_DC)
buffer[i] ^= (char) (255.0 * php_rand(TSRMLS_C) / 
RAND_MAX);
}
}
-   /* /Temp Placeholder */
 
if (raw) {
memcpy(ret, buffer, length);
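
Review bot: removing `/* /Temp Placeholder */` leaves `buffer[i] ^= (char) (255.0 * php_rand(TSRMLS_C) / RAND_MAX);` as an unmarked, permanent part of the salt path. php_rand is not a cryptographic generator, so replace the deleted marker with a comment that says when this code runs and why it is acceptable for salt material, rather than dropping the marker silently in a formatting commit.
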
@@ -151,8 +150,11 @@ static int php_password_make_salt(long length, int raw, 
char *ret TSRMLS_DC)
efree(buffer);
ret[length] = 0;
return SUCCESS;
-} 
+}
+/* }}} */
 
+/* {{{ proto boolean password_make_salt(string password, string hash)
+Verify a hash created using crypt() or password_hash() */
 PHP_FUNCTION(password_verify)
 {
zval *password, *hash, *ret;
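
Review bot: the proto comment added above PHP_FUNCTION(password_verify) reads `proto boolean password_make_salt(string password, string hash)`. The name should be password_verify, matching both the description line under it and the function it documents.
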
@@ -165,8 +167,8 @@ PHP_FUNCTION(password_verify)
}
 
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, zz, password, 
hash) == FAILURE) {
-RETURN_FALSE;
-}
+   RETURN_FALSE;
+   }
 
zend_call_method_with_2_params(NULL, NULL, NULL, crypt, ret, 
password, hash);

@@ -193,15 +195,18 @@ PHP_FUNCTION(password_verify)
RETURN_BOOL(status == 0);

 }
+/* }}} */
 
+/* {{{ proto string password_make_salt(int length, boolean raw_output = false)
+Make a new random salt */
 PHP_FUNCTION(password_make_salt)
 {
char *salt;
long length = 0;
zend_bool raw_output = 0;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, l|b, length, 
raw_output) == FAILURE) {
-RETURN_FALSE;
-}
+   RETURN_FALSE;
+   }
if (length = 0) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, Length cannot be 
less than or equal zero: %ld, length);
RETURN_FALSE;
@@ -217,16 +222,16 @@ PHP_FUNCTION(password_make_salt)
}
RETURN_STRINGL(salt, length, 0);
 }
-
+/* }}} */
 
 /* {{{ proto string

[PHP-CVS] com php-src: Update tests to check ini setting: ext/standard/tests/password/password_hash.phpt

2012-10-16 Thread Anthony Ferrara
Commit:2b9591f11f2573f8d9032477b7ad49c6cf92988c
Author:Anthony Ferrara ircmax...@ircmaxell.com Tue, 26 Jun 2012 
22:13:51 -0400
Parents:   e505316aeba0fbb52cd21ff84af784a9d3e2b49a
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=2b9591f11f2573f8d9032477b7ad49c6cf92988c

Log:
Update tests to check ini setting

Changed paths:
  M  ext/standard/tests/password/password_hash.phpt


Diff:
diff --git a/ext/standard/tests/password/password_hash.phpt 
b/ext/standard/tests/password/password_hash.phpt
index ecefa10..2fca8b7 100644
--- a/ext/standard/tests/password/password_hash.phpt
+++ b/ext/standard/tests/password/password_hash.phpt
@@ -17,6 +17,11 @@ var_dump(password_hash(rasmuslerdorf, PASSWORD_BCRYPT, 
array(cost = 7, sal
 
 var_dump(password_hash(test, PASSWORD_BCRYPT, array(salt = 
123456789012345678901 . chr(0;
 
+// test ini parameter to ensure that it updates
+ini_set('password.bcrypt_cost', '5');
+var_dump(password_hash(test, PASSWORD_BCRYPT, array(salt = 
123456789012345678901 . chr(0;
+
+
 echo OK!;
 ?
 --EXPECT--
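
Review bot: the added case only sets `password.bcrypt_cost` to a valid value, and it leaves the setting changed for anything appended later. Add a case with an out-of-range ini value so the test shows the ini path is validated as well as read, and drop the second blank line before `echo`.
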
@@ -24,4 +29,5 @@ int(60)
 bool(true)
 string(60) $2y$07$usesomesillystringfore2uDLvp1Ii2e./U9C8sBjqp8I90dH6hi
 string(60) $2y$04$MTIzNDU2Nzg5MDEyMzQ1NekACxf2CF7ipfk/b9FllU9Fs8RcUm5UG
+string(60) $2y$05$MTIzNDU2Nzg5MDEyMzQ1NeVt1jFvl6ZQVujUMmcYvue.Mr5oZVQa2
 OK!


--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP-CVS] com php-src: Add tests and error checking for large salt requested values to prevent overflow on allocation: ext/standard/password.c ext/standard/tests/password/password_make_salt_error.phpt

2012-10-16 Thread Anthony Ferrara
Commit:5f44be03af7733c2618d980e77426572fb0148df
Author:Anthony Ferrara ircmax...@ircmaxell.com Tue, 26 Jun 2012 
23:09:08 -0400
Parents:   2b9591f11f2573f8d9032477b7ad49c6cf92988c
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=5f44be03af7733c2618d980e77426572fb0148df

Log:
Add tests and error checking for large salt requested values to prevent 
overflow on allocation

Changed paths:
  M  ext/standard/password.c
  M  ext/standard/tests/password/password_make_salt_error.phpt


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 94aa4dc..ab115af 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -82,14 +82,19 @@ static int php_password_salt_to64(const char *str, const 
int str_len, const int
 
 #define PHP_PASSWORD_FUNCTION_EXISTS(func, func_len) 
(zend_hash_find(EG(function_table), (func), (func_len) + 1, (void **) 
func_ptr) == SUCCESS  func_ptr-type == ZEND_INTERNAL_FUNCTION  
func_ptr-internal_function.handler != zif_display_disabled_function)
 
-static int php_password_make_salt(int length, int raw, char *ret TSRMLS_DC)
+static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC)
 {
-   int i, raw_length, buffer_valid = 0;
+   int buffer_valid = 0;
+   long i, raw_length;
char *buffer;
 
if (raw) {
raw_length = length;
} else {
+   if (length  (LONG_MAX / 3)) {
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, Length is 
too large to safely generate);
+   return FAILURE;
+   }
raw_length = length * 3 / 4 + 1;
}
buffer = (char *) emalloc(raw_length + 1);
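
Review bot: the new LONG_MAX / 3 guard sits only in the non-raw branch, so with `raw` set `raw_length = length` goes straight to `emalloc(raw_length + 1)`, and the `+ 1` can wrap when length is LONG_MAX. The caller in this commit checks the length first, but moving the guard above `if (raw)` keeps the helper safe on its own and costs nothing.
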
@@ -192,15 +197,19 @@ PHP_FUNCTION(password_verify)
 PHP_FUNCTION(password_make_salt)
 {
char *salt;
-   int length = 0;
+   long length = 0;
zend_bool raw_output = 0;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, l|b, length, 
raw_output) == FAILURE) {
 RETURN_FALSE;
 }
if (length = 0) {
-   php_error_docref(NULL TSRMLS_CC, E_WARNING, Length cannot be 
less than or equal zero: %d, length);
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, Length cannot be 
less than or equal zero: %ld, length);
+   RETURN_FALSE;
+   } else if (length  (LONG_MAX / 3)) {
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, Length is too 
large to safely generate);
RETURN_FALSE;
}
+
salt = emalloc(length + 1);
if (php_password_make_salt(length, (int) raw_output, salt TSRMLS_CC) == 
FAILURE) {
efree(salt);
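
Review bot: the added bound keeps the later multiplication from overflowing, but any length up to LONG_MAX / 3 still reaches `salt = emalloc(length + 1)`, so a very large request ends in an allocation failure instead of this warning. A much smaller, documented maximum salt length would make the failure mode predictable and would also make the overflow check redundant.
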
@@ -298,7 +307,7 @@ PHP_FUNCTION(password_hash)
zval_ptr_dtor(option_buffer);
 } else {
salt = emalloc(required_salt_len + 1);
-   if (php_password_make_salt(required_salt_len, 0, salt 
TSRMLS_CC) == FAILURE) {
+   if (php_password_make_salt((long) required_salt_len, 0, salt 
TSRMLS_CC) == FAILURE) {
efree(hash_format);
efree(salt);
RETURN_FALSE;
diff --git a/ext/standard/tests/password/password_make_salt_error.phpt 
b/ext/standard/tests/password/password_make_salt_error.phpt
index 7d79713..8078582 100644
--- a/ext/standard/tests/password/password_make_salt_error.phpt
+++ b/ext/standard/tests/password/password_make_salt_error.phpt
@@ -10,6 +10,10 @@ var_dump(password_make_salt(foo));
 
 var_dump(password_make_salt(-1));
 
+var_dump(password_make_salt(PHP_INT_MAX));
+
+var_dump(password_make_salt(floor(PHP_INT_MAX / 2.9)));
+
 ?
 --EXPECTF--
 Warning: password_make_salt() expects at least 1 parameter, 0 given in %s on 
line %d
@@ -21,3 +25,9 @@ bool(false)
 Warning: password_make_salt(): Length cannot be less than or equal zero: -1 in 
%s on line %d
 bool(false)
 
+Warning: password_make_salt(): Length is too large to safely generate in %s on 
line %d
+bool(false)
+
+Warning: password_make_salt(): Length is too large to safely generate in %s on 
line %d
+bool(false)
+





[PHP-CVS] com php-src: Implement php.ini setting password.bcrypt_cost: ext/standard/basic_functions.c ext/standard/password.c ext/standard/php_password.h main/main.c php.ini-development php.ini-produc

2012-10-16 Thread Anthony Ferrara
Commit:232da90388de2a3ba4ad430d281469498e88aca2
Author:Anthony Ferrara ircmax...@ircmaxell.com Tue, 26 Jun 2012 
21:15:56 -0400
Parents:   2d4b7cb653efc3f52ca907f48b1c828632df5e41
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=232da90388de2a3ba4ad430d281469498e88aca2

Log:
Implement php.ini setting password.bcrypt_cost

Changed paths:
  M  ext/standard/basic_functions.c
  M  ext/standard/password.c
  M  ext/standard/php_password.h
  M  main/main.c
  M  php.ini-development
  M  php.ini-production


Diff:
diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c
index 9e35a5e..5dc86ab 100644
--- a/ext/standard/basic_functions.c
+++ b/ext/standard/basic_functions.c
@@ -3846,6 +3846,7 @@ PHP_MINFO_FUNCTION(basic) /* {{{ */
php_info_print_table_start();
BASIC_MINFO_SUBMODULE(dl)
BASIC_MINFO_SUBMODULE(mail)
+   BASIC_MINFO_SUBMODULE(password)
php_info_print_table_end();
BASIC_MINFO_SUBMODULE(assert)
 }
diff --git a/ext/standard/password.c b/ext/standard/password.c
index f049fbc..94aa4dc 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -43,6 +43,11 @@ PHP_MINIT_FUNCTION(password) /* {{{ */
 }
 /* }}} */
 
+PHP_MINFO_FUNCTION(password) /* {{{ */
+{
+   php_info_print_table_row(2, Default Password BCrypt Cost, 
INI_STR(password.bcrypt_cost));
+}
+/* }}} */
 
 static int php_password_salt_is_alphabet(const char *str, const int len)
 {
@@ -169,7 +174,11 @@ PHP_FUNCTION(password_verify)
zval_ptr_dtor(ret);
RETURN_FALSE;
}
-
+   
+   /* We're using this method instead of == in order to provide
+* resistence towards timing attacks. This is a constant time
+* equality check that will always check every byte of both
+* values. */
for (i = 0; i  Z_STRLEN_P(ret); i++) {
status |= (Z_STRVAL_P(ret)[i] ^ Z_STRVAL_P(hash)[i]);
}
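
Review bot: typo in the added comment, `resistence` should be `resistance`. The comment also states that every byte of both values is always checked, while the function returns early on a length mismatch before reaching the loop; word it as a constant-time comparison of two equal-length values so it does not overstate what the code guarantees.
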
@@ -231,16 +240,20 @@ PHP_FUNCTION(password_hash)
 }
 
 if (strcmp(algo, PHP_PASSWORD_BCRYPT) == 0) {
-   int cost = PHP_PASSWORD_BCRYPT_DEFAULT_COST;
+   int cost = 0;
+   cost = (int) INI_INT(password.bcrypt_cost);
+
if (options  zend_symtable_find(options, cost, 5, (void **) 
option_buffer) == SUCCESS) {
convert_to_long_ex(option_buffer);
cost = Z_LVAL_PP(option_buffer);
zval_ptr_dtor(option_buffer);
-   if (cost  4 || cost  31) {
-   php_error_docref(NULL TSRMLS_CC, E_WARNING, 
Invalid bcrypt cost parameter specified: %d, cost);
-   RETURN_FALSE;
-   }
}
+
+   if (cost  4 || cost  31) {
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, Invalid 
bcrypt cost parameter specified: %d, cost);
+   RETURN_FALSE;
+   }
+   
 required_salt_len = 22;
hash_format = emalloc(8);
sprintf(hash_format, $2y$%02d$, cost);
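
Review bot: moving the range check out of the `options` block is right, since the ini value now needs the same validation as a caller-supplied cost. Note that `hash_format = emalloc(8)` followed by `sprintf(hash_format, ..., cost)` has room for exactly two cost digits, so it is only safe while that check stays directly above it; use snprintf with the buffer size, or add a comment tying the two together. `int cost = 0;` followed immediately by the assignment from INI_INT can be a single line.
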
diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h
index 830d31c..81fe41f 100644
--- a/ext/standard/php_password.h
+++ b/ext/standard/php_password.h
@@ -26,13 +26,11 @@ PHP_FUNCTION(password_verify);
 PHP_FUNCTION(password_make_salt);
 
 PHP_MINIT_FUNCTION(password);
+PHP_MINFO_FUNCTION(password);
 
 #define PHP_PASSWORD_DEFAULT   2y
 #define PHP_PASSWORD_BCRYPT2y
 
-#define PHP_PASSWORD_BCRYPT_DEFAULT_COST 12;
-
-
 #endif
 
 
diff --git a/main/main.c b/main/main.c
index cc04b13..e52c32c 100644
--- a/main/main.c
+++ b/main/main.c
@@ -540,6 +540,8 @@ PHP_INI_BEGIN()
STD_PHP_INI_ENTRY(error_append_string,NULL,   
PHP_INI_ALL,OnUpdateString, error_append_string,
php_core_globals,   core_globals)
STD_PHP_INI_ENTRY(error_prepend_string,   NULL,   
PHP_INI_ALL,OnUpdateString, error_prepend_string,   
php_core_globals,   core_globals)
 
+   PHP_INI_ENTRY(password.bcrypt_cost,   11,   
PHP_INI_ALL,NULL)
+
PHP_INI_ENTRY(SMTP,   
localhost,PHP_INI_ALL,NULL)
PHP_INI_ENTRY(smtp_port,  25,   
PHP_INI_ALL,NULL)
STD_PHP_INI_BOOLEAN(mail.add_x_header,0,
PHP_INI_SYSTEM|PHP_INI_PERDIR,  OnUpdateBool,   
mail_x_header,  php_core_globals,   core_globals)
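
Review bot: the ini default is registered as 11, while the `PHP_PASSWORD_BCRYPT_DEFAULT_COST` constant removed from php_password.h in this same commit was 12, and the log does not mention lowering the default; please confirm which value is intended. The entry is also registered with a NULL update handler, so an out-of-range value is accepted when it is set and only rejected later inside password_hash; an on-modify handler that enforces the 4 to 31 range would fail at the point of misconfiguration.
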
diff --git a/php.ini-development b/php.ini-development
index a5a7a4a..5f1205e 100644
--- a/php.ini-development
+++ b/php.ini-development
@@ -1359,6 +1359,15 @@ bcmath.scale = 0
 ; http://php.net/browscap
 ;browscap = extra/browscap.ini
 
+[password]
+; The default cost

[PHP-CVS] com php-src: Add tests for password hashing: ext/standard/tests/password/password_bcrypt_errors.phpt ext/standard/tests/password/password_hash.phpt ext/standard/tests/password/password_hash_

2012-10-16 Thread Anthony Ferrara
Commit:e505316aeba0fbb52cd21ff84af784a9d3e2b49a
Author:Anthony Ferrara ircmax...@ircmaxell.com Tue, 26 Jun 2012 
22:05:25 -0400
Parents:   232da90388de2a3ba4ad430d281469498e88aca2
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=e505316aeba0fbb52cd21ff84af784a9d3e2b49a

Log:
Add tests for password hashing

Changed paths:
  A  ext/standard/tests/password/password_bcrypt_errors.phpt
  A  ext/standard/tests/password/password_hash.phpt
  A  ext/standard/tests/password/password_hash_error.phpt
  A  ext/standard/tests/password/password_make_salt.phpt
  A  ext/standard/tests/password/password_make_salt_error.phpt
  A  ext/standard/tests/password/password_verify.phpt
  A  ext/standard/tests/password/password_verify_error.phpt


Diff:
diff --git a/ext/standard/tests/password/password_bcrypt_errors.phpt 
b/ext/standard/tests/password/password_bcrypt_errors.phpt
new file mode 100644
index 000..4223817
--- /dev/null
+++ b/ext/standard/tests/password/password_bcrypt_errors.phpt
@@ -0,0 +1,28 @@
+--TEST--
+Test error operation of password_hash() with bcrypt hashing
+--FILE--
+?php
+//-=-=-=-
+
+var_dump(password_hash(foo, PASSWORD_BCRYPT, array(cost = 3)));
+
+var_dump(password_hash(foo, PASSWORD_BCRYPT, array(cost = 32)));
+
+var_dump(password_hash(foo, PASSWORD_BCRYPT, array(salt = foo)));
+
+var_dump(password_hash(foo, PASSWORD_BCRYPT, array(salt = 
123456789012345678901)));
+
+?
+--EXPECTF--
+Warning: password_hash(): Invalid bcrypt cost parameter specified: 3 in %s on 
line %d
+bool(false)
+
+Warning: password_hash(): Invalid bcrypt cost parameter specified: 32 in %s on 
line %d
+bool(false)
+
+Warning: password_hash(): Provided salt is too short: 3 expecting 22 in %s on 
line %d
+bool(false)
+
+Warning: password_hash(): Provided salt is too short: 21 expecting 22 in %s on 
line %d
+bool(false)
+
diff --git a/ext/standard/tests/password/password_hash.phpt 
b/ext/standard/tests/password/password_hash.phpt
new file mode 100644
index 000..ecefa10
--- /dev/null
+++ b/ext/standard/tests/password/password_hash.phpt
@@ -0,0 +1,27 @@
+--TEST--
+Test normal operation of password_hash()
+--FILE--
+?php
+//-=-=-=-
+
+// Set the cost low so the test is fast
+ini_set('password.bcrypt_cost', '4');
+
+var_dump(strlen(password_hash(foo)));
+
+$hash = password_hash(foo);
+
+var_dump($hash == crypt(foo, $hash));
+
+var_dump(password_hash(rasmuslerdorf, PASSWORD_BCRYPT, array(cost = 7, 
salt = usesomesillystringforsalt)));
+
+var_dump(password_hash(test, PASSWORD_BCRYPT, array(salt = 
123456789012345678901 . chr(0;
+
+echo OK!;
+?
+--EXPECT--
+int(60)
+bool(true)
+string(60) $2y$07$usesomesillystringfore2uDLvp1Ii2e./U9C8sBjqp8I90dH6hi
+string(60) $2y$04$MTIzNDU2Nzg5MDEyMzQ1NekACxf2CF7ipfk/b9FllU9Fs8RcUm5UG
+OK!
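
Review bot: `var_dump($hash == crypt(foo, $hash));` uses loose comparison on two hash strings; use `===` so the assertion cannot pass through type juggling. The file also changes `password.bcrypt_cost` with ini_set and never checks or restores it, which is worth a line now that more cases are being appended to this test.
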
diff --git a/ext/standard/tests/password/password_hash_error.phpt 
b/ext/standard/tests/password/password_hash_error.phpt
new file mode 100644
index 000..dfbb094
--- /dev/null
+++ b/ext/standard/tests/password/password_hash_error.phpt
@@ -0,0 +1,38 @@
+--TEST--
+Test error operation of password_hash()
+--FILE--
+?php
+//-=-=-=-
+
+var_dump(password_hash());
+
+var_dump(password_hash(foo, array()));
+
+var_dump(password_hash(foo, bar, new StdClass));
+
+var_dump(password_hash(foo, bar, baz));
+
+var_dump(password_hash(123));
+
+var_dump(password_hash(123, PASSWORD_BCRYPT, array(salt = 13)));
+
+?
+--EXPECTF--
+Warning: password_hash() expects at least 1 parameter, 0 given in %s on line %d
+bool(false)
+
+Warning: password_hash() expects parameter 2 to be string, array given in %s 
on line %d
+bool(false)
+
+Warning: password_hash(): Unknown password hashing algorithm: bar in %s on 
line %d
+bool(false)
+
+Warning: password_hash() expects parameter 3 to be array, string given in %s 
on line %d
+bool(false)
+
+Warning: password_hash(): Password must be a string in %s on line %d
+bool(false)
+
+Warning: password_hash(): Non-string salt parameter supplied in %s on line %d
+bool(false)
+
diff --git a/ext/standard/tests/password/password_make_salt.phpt 
b/ext/standard/tests/password/password_make_salt.phpt
new file mode 100644
index 000..63b56f8
--- /dev/null
+++ b/ext/standard/tests/password/password_make_salt.phpt
@@ -0,0 +1,40 @@
+--TEST--
+Test normal operation of password_make_salt()
+--FILE--
+?php
+//-=-=-=-
+echo strlen(password_make_salt(1)) . \n;
+echo strlen(password_make_salt(2)) . \n;
+echo strlen(password_make_salt(3)) . \n;
+echo strlen(password_make_salt(4)) . \n;
+echo strlen(password_make_salt(5)) . \n;
+echo \n;
+
+echo strlen(password_make_salt(1, true)) . \n;
+echo strlen(password_make_salt(2, true)) . \n;
+echo strlen(password_make_salt(3, true)) . \n;
+echo strlen(password_make_salt(4, true)) . \n;
+echo strlen(password_make_salt(5, true)) . \n;
+echo \n;
+
+$a = password_make_salt(32);
+$b = password_make_salt(32);
+
+var_dump($a != $b);
+echo OK!;
+?
+--EXPECT--
+1
+2
+3
+4
+5
+
+1
+2
+3
+4
+5
+
+bool(true)
+OK!
diff --git a/ext/standard

[PHP-CVS] com php-src: Refactor salt generation, rename password_create to password_hash: ext/standard/basic_functions.c ext/standard/password.c ext/standard/php_password.h

2012-10-16 Thread Anthony Ferrara
Commit:2d4b7cb653efc3f52ca907f48b1c828632df5e41
Author:Anthony Ferrara ircmax...@ircmaxell.com Mon, 25 Jun 2012 
21:22:16 -0400
Parents:   41d7374ea4598000fd626c0d8cd4736aec6357bf
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=2d4b7cb653efc3f52ca907f48b1c828632df5e41

Log:
Refactor salt generation, rename password_create to password_hash

Changed paths:
  M  ext/standard/basic_functions.c
  M  ext/standard/password.c
  M  ext/standard/php_password.h


Diff:
diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c
index 64025db..9e35a5e 100644
--- a/ext/standard/basic_functions.c
+++ b/ext/standard/basic_functions.c
@@ -1867,7 +1867,7 @@ ZEND_BEGIN_ARG_INFO(arginfo_getlastmod, 0)
 ZEND_END_ARG_INFO()
 /* }}} */
 /* {{{ password.c */
-ZEND_BEGIN_ARG_INFO_EX(arginfo_password_create, 0, 0, 1)
+ZEND_BEGIN_ARG_INFO_EX(arginfo_password_hash, 0, 0, 1)
ZEND_ARG_INFO(0, password)
ZEND_ARG_INFO(0, algo)
ZEND_ARG_INFO(0, options)
@@ -2895,7 +2895,7 @@ const zend_function_entry basic_functions[] = { /* {{{ */
PHP_FE(base64_decode,   
arginfo_base64_decode)
PHP_FE(base64_encode,   
arginfo_base64_encode)
 
-   PHP_FE(password_create, 
arginfo_password_create)
+   PHP_FE(password_hash,   
arginfo_password_hash)
PHP_FE(password_verify, 
arginfo_password_verify)
PHP_FE(password_make_salt,  
arginfo_password_make_salt)
 
diff --git a/ext/standard/password.c b/ext/standard/password.c
index f2c94fb..f049fbc 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -21,19 +21,24 @@
 #include stdlib.h
 
 #include php.h
-#include ext/hash/php_hash.h
+
+#include fcntl.h
 #include php_password.h
 #include php_rand.h
 #include base64.h
 #include zend_interfaces.h
+#include info.h
+
+#if PHP_WIN32
+#include win32/winutil.h
+#endif
+
+
 
 PHP_MINIT_FUNCTION(password) /* {{{ */
 {
REGISTER_STRING_CONSTANT(PASSWORD_DEFAULT, PHP_PASSWORD_DEFAULT, 
CONST_CS | CONST_PERSISTENT);
REGISTER_STRING_CONSTANT(PASSWORD_BCRYPT, PHP_PASSWORD_BCRYPT, 
CONST_CS | CONST_PERSISTENT);
-   REGISTER_STRING_CONSTANT(PASSWORD_MD5, PHP_PASSWORD_MD5, CONST_CS | 
CONST_PERSISTENT);
-   REGISTER_STRING_CONSTANT(PASSWORD_SHA256, PHP_PASSWORD_SHA256, 
CONST_CS | CONST_PERSISTENT);
-   REGISTER_STRING_CONSTANT(PASSWORD_SHA512, PHP_PASSWORD_SHA512, 
CONST_CS | CONST_PERSISTENT);
return SUCCESS;
 }
 /* }}} */
@@ -76,7 +81,6 @@ static int php_password_make_salt(int length, int raw, char 
*ret TSRMLS_DC)
 {
int i, raw_length, buffer_valid = 0;
char *buffer;
-   zend_function *func_ptr;
 
if (raw) {
raw_length = length;
@@ -84,42 +88,37 @@ static int php_password_make_salt(int length, int raw, char 
*ret TSRMLS_DC)
raw_length = length * 3 / 4 + 1;
}
buffer = (char *) emalloc(raw_length + 1);
-   
-   /* Temp Placeholder */
-   if (PHP_PASSWORD_FUNCTION_EXISTS(mcrypt_create_iv, 16)) {
-   zval *ret, *size, *source;
-   ALLOC_INIT_ZVAL(size);
-   ZVAL_LONG(size, raw_length);
-   ALLOC_INIT_ZVAL(source)
-   ZVAL_LONG(source, 1); // MCRYPT_DEV_URANDOM
-   zend_call_method_with_2_params(NULL, NULL, NULL, 
mcrypt_create_iv, ret, size, source);
-   zval_ptr_dtor(size);
-   zval_ptr_dtor(source);
-   if (Z_TYPE_P(ret) == IS_STRING) {
-   memcpy(buffer, Z_STRVAL_P(ret), raw_length);
+
+#if PHP_WIN32
+   {
+   BYTE *iv_b = (BYTE *) buffer;
+   if (php_win32_get_random_bytes(iv_b, (size_t) raw_length) == 
SUCCESS) {
buffer_valid = 1;
}
-   zval_ptr_dtor(ret);
}
-   if (!buffer_valid  
PHP_PASSWORD_FUNCTION_EXISTS(openssl_random_pseudo_bytes, 27)) {
-   zval *ret, *size;
-   ALLOC_INIT_ZVAL(size);
-   ZVAL_LONG(size, raw_length);
-   zend_call_method_with_1_params(NULL, NULL, NULL, 
openssl_random_pseudo_bytes, ret, size);
-   zval_ptr_dtor(size);
-   if (Z_TYPE_P(ret) == IS_STRING) {
-   memcpy(buffer, Z_STRVAL_P(ret), raw_length);
+#else
+   {
+   int fd, n;
+   size_t read_bytes = 0;
+   fd = open(/dev

[PHP-CVS] com php-src: Implement openssl support for make_salt: ext/standard/password.c

2012-10-16 Thread Anthony Ferrara
Commit:41d7374ea4598000fd626c0d8cd4736aec6357bf
Author:Anthony Ferrara ircmax...@gmail.com Mon, 25 Jun 2012 
11:37:48 -0400
Parents:   618f2629567ca3a3d1817ca9c4c62339fb5fb886
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=41d7374ea4598000fd626c0d8cd4736aec6357bf

Log:
Implement openssl support for make_salt

Changed paths:
  M  ext/standard/password.c


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 013dab7..f2c94fb 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -96,11 +96,24 @@ static int php_password_make_salt(int length, int raw, char 
*ret TSRMLS_DC)
zval_ptr_dtor(size);
zval_ptr_dtor(source);
if (Z_TYPE_P(ret) == IS_STRING) {
-   memcpy(buffer, Z_STRVAL_P(ret), Z_STRLEN_P(ret));
+   memcpy(buffer, Z_STRVAL_P(ret), raw_length);
buffer_valid = 1;
}
zval_ptr_dtor(ret);
}
+   if (!buffer_valid  
PHP_PASSWORD_FUNCTION_EXISTS(openssl_random_pseudo_bytes, 27)) {
+   zval *ret, *size;
+   ALLOC_INIT_ZVAL(size);
+   ZVAL_LONG(size, raw_length);
+   zend_call_method_with_1_params(NULL, NULL, NULL, 
openssl_random_pseudo_bytes, ret, size);
+   zval_ptr_dtor(size);
+   if (Z_TYPE_P(ret) == IS_STRING) {
+   memcpy(buffer, Z_STRVAL_P(ret), raw_length);
+   buffer_valid = 1;
+   }
+   zval_ptr_dtor(ret);
+   }
+
if (!buffer_valid) {
long number;
for (i = 0; i  raw_length; i++) {
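
Review bot: both memcpy calls now copy raw_length bytes from Z_STRVAL_P(ret) after checking only that ret is a string, so a return value shorter than raw_length is read past its end. Check that Z_STRLEN_P(ret) is at least raw_length before copying and before setting buffer_valid = 1, in the mcrypt branch as well as the new openssl branch. The new branch also calls openssl_random_pseudo_bytes with a single argument, which discards its crypto_strong result; pass the second argument and fall through to the next source when it reports false.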


--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP-CVS] com php-src: More error checking, and some cleaning up for password.c: ext/standard/password.c

2012-10-16 Thread Anthony Ferrara
Commit:618f2629567ca3a3d1817ca9c4c62339fb5fb886
Author:Anthony Ferrara ircmax...@ircmaxell.com Mon, 25 Jun 2012 
08:50:39 -0400
Parents:   18d3bd9481c470d241c492eb39a93bd071a77c4e
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=618f2629567ca3a3d1817ca9c4c62339fb5fb886

Log:
More error checking, and some cleaning up for password.c

Changed paths:
  M  ext/standard/password.c


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index f6d8048..013dab7 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -21,10 +21,6 @@
 #include stdlib.h
 
 #include php.h
-#if HAVE_CRYPT
-#include php_crypt.h
-#endif
-
 #include ext/hash/php_hash.h
 #include php_password.h
 #include php_rand.h
@@ -121,7 +117,7 @@ static int php_password_make_salt(int length, int raw, char 
*ret TSRMLS_DC)
char *result;
result = emalloc(length + 1); 
if (php_password_salt_to64(buffer, raw_length, length, result) 
== FAILURE) {
-   php_error_docref(NULL, E_WARNING, Generated salt too 
short);
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, Generated 
salt too short);
efree(buffer);
efree(result);
return FAILURE;
@@ -139,6 +135,12 @@ PHP_FUNCTION(password_verify)
 {
zval *password, *hash, *ret;
int status = 0, i;
+   zend_function *func_ptr;
+
+   if (!PHP_PASSWORD_FUNCTION_EXISTS(crypt, 5)) {
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, Crypt must be 
loaded for password_verify to function);
+   RETURN_FALSE;
+   }
 
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, zz, password, 
hash) == FAILURE) {
 RETURN_FALSE;
@@ -195,6 +197,12 @@ PHP_FUNCTION(password_create)
 int algo_len = 0, salt_len = 0, required_salt_len = 0, hash_format_len;
 HashTable *options = 0;
 zval **option_buffer, *ret, *password, *hash_zval;
+   zend_function *func_ptr;
+
+   if (!PHP_PASSWORD_FUNCTION_EXISTS(crypt, 5)) {
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, Crypt must be 
loaded for password_verify to function);
+   RETURN_FALSE;
+   }
 
 if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, z|sH, 
password, algo, algo_len, options) == FAILURE) {
 RETURN_FALSE;
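
Review bot: the warning added to password_create reads "Crypt must be loaded for password_verify to function", copied unchanged from the password_verify hunk above. Change the text to name password_create so the message points at the function that actually failed.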





[PHP-CVS] com php-src: Basic random generator added to make_salt: ext/standard/password.c

2012-10-16 Thread Anthony Ferrara
Commit:18d3bd9481c470d241c492eb39a93bd071a77c4e
Author:Anthony Ferrara ircmax...@ircmaxell.com Mon, 25 Jun 2012 
08:15:17 -0400
Parents:   f7097d99ffedc6bd0965542454b4ac86e4b5c914
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=18d3bd9481c470d241c492eb39a93bd071a77c4e

Log:
Basic random generator added to make_salt

Changed paths:
  M  ext/standard/password.c


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 2b7e7df..f6d8048 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -25,6 +25,7 @@
 #include php_crypt.h
 #endif
 
+#include ext/hash/php_hash.h
 #include php_password.h
 #include php_rand.h
 #include base64.h
@@ -73,10 +74,14 @@ static int php_password_salt_to64(const char *str, const 
int str_len, const int
return SUCCESS;
 }
 
-static int php_password_make_salt(int length, int raw, char *ret)
+#define PHP_PASSWORD_FUNCTION_EXISTS(func, func_len) 
(zend_hash_find(EG(function_table), (func), (func_len) + 1, (void **) 
func_ptr) == SUCCESS  func_ptr-type == ZEND_INTERNAL_FUNCTION  
func_ptr-internal_function.handler != zif_display_disabled_function)
+
+static int php_password_make_salt(int length, int raw, char *ret TSRMLS_DC)
 {
-   int i, raw_length;
+   int i, raw_length, buffer_valid = 0;
char *buffer;
+   zend_function *func_ptr;
+
if (raw) {
raw_length = length;
} else {
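
Review bot: PHP_PASSWORD_FUNCTION_EXISTS uses func_ptr without taking it as a parameter, so every caller has to declare a local zend_function *func_ptr under exactly that name or the expansion does not compile. Pass the pointer as a macro argument or turn the check into a static function, and add a comment saying that it also rejects functions whose handler is zif_display_disabled_function.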
@@ -85,8 +90,28 @@ static int php_password_make_salt(int length, int raw, char 
*ret)
buffer = (char *) emalloc(raw_length + 1);

/* Temp Placeholder */
-   for (i = 0; i  raw_length; i++) {
-   buffer[i] = i;
+   if (PHP_PASSWORD_FUNCTION_EXISTS(mcrypt_create_iv, 16)) {
+   zval *ret, *size, *source;
+   ALLOC_INIT_ZVAL(size);
+   ZVAL_LONG(size, raw_length);
+   ALLOC_INIT_ZVAL(source)
+   ZVAL_LONG(source, 1); // MCRYPT_DEV_URANDOM
+   zend_call_method_with_2_params(NULL, NULL, NULL, 
mcrypt_create_iv, ret, size, source);
+   zval_ptr_dtor(size);
+   zval_ptr_dtor(source);
+   if (Z_TYPE_P(ret) == IS_STRING) {
+   memcpy(buffer, Z_STRVAL_P(ret), Z_STRLEN_P(ret));
+   buffer_valid = 1;
+   }
+   zval_ptr_dtor(ret);
+   }
+   if (!buffer_valid) {
+   long number;
+   for (i = 0; i  raw_length; i++) {
+   number = php_rand(TSRMLS_C);
+   RAND_RANGE(number, 0, 255, PHP_RAND_MAX);
+   buffer[i] = (char) number;
+   }
}
/* /Temp Placeholder */
 
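
Review bot: when mcrypt_create_iv is unavailable the salt bytes come from php_rand(), which is not a cryptographically secure generator, and the fallback happens silently. The block is marked Temp Placeholder, so at minimum leave a TODO stating that the fallback must be replaced by an OS-level random source before release. In the mcrypt branch, memcpy copies Z_STRLEN_P(ret) bytes into a buffer allocated as raw_length + 1; bound the copy to raw_length and set buffer_valid only when at least raw_length bytes came back. The inner zval *ret also shadows the char *ret parameter and should be renamed.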
@@ -154,7 +179,7 @@ PHP_FUNCTION(password_make_salt)
RETURN_FALSE;
}
salt = emalloc(length + 1);
-   if (php_password_make_salt(length, (int) raw_output, salt) == FAILURE) {
+   if (php_password_make_salt(length, (int) raw_output, salt TSRMLS_CC) == 
FAILURE) {
efree(salt);
RETURN_FALSE;
}
@@ -260,7 +285,7 @@ PHP_FUNCTION(password_create)
zval_ptr_dtor(option_buffer);
 } else {
salt = emalloc(required_salt_len + 1);
-   if (php_password_make_salt(required_salt_len, 0, salt) == 
FAILURE) {
+   if (php_password_make_salt(required_salt_len, 0, salt 
TSRMLS_CC) == FAILURE) {
efree(hash_format);
efree(salt);
RETURN_FALSE;





[PHP-CVS] com php-src: Fix memory leak on branch: ext/standard/password.c

2012-10-16 Thread Anthony Ferrara
Commit:f7097d99ffedc6bd0965542454b4ac86e4b5c914
Author:Anthony Ferrara ircmax...@ircmaxell.com Sun, 24 Jun 2012 
23:36:09 -0400
Parents:   657402832b7884f52bf07b2e6f704510395fd413
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=f7097d99ffedc6bd0965542454b4ac86e4b5c914

Log:
Fix memory leak on branch

Changed paths:
  M  ext/standard/password.c


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 665e69f..2b7e7df 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -246,6 +246,7 @@ PHP_FUNCTION(password_create)
salt = emalloc(required_salt_len + 1);
 if (php_password_salt_to64(buffer, buffer_len, 
required_salt_len, salt) == FAILURE) {
efree(hash_format);
+   efree(salt);
zval_ptr_dtor(option_buffer);
php_error_docref(NULL TSRMLS_CC, E_WARNING, 
Provided salt is too short: %d, salt_len);
RETURN_FALSE;





[PHP-CVS] com php-src: Implement password_verify: ext/standard/password.c

2012-10-16 Thread Anthony Ferrara
Commit:657402832b7884f52bf07b2e6f704510395fd413
Author:Anthony Ferrara ircmax...@ircmaxell.com Sun, 24 Jun 2012 
23:35:26 -0400
Parents:   7e41980fe4972e097e178c034f92920c9c63086c
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=657402832b7884f52bf07b2e6f704510395fd413

Log:
Implement password_verify

Changed paths:
  M  ext/standard/password.c


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 9201ff3..665e69f 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -112,6 +112,33 @@ static int php_password_make_salt(int length, int raw, 
char *ret)
 
 PHP_FUNCTION(password_verify)
 {
+   zval *password, *hash, *ret;
+   int status = 0, i;
+
+   if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, zz, password, 
hash) == FAILURE) {
+RETURN_FALSE;
+}
+
+   zend_call_method_with_2_params(NULL, NULL, NULL, crypt, ret, 
password, hash);
+   
+   if (Z_TYPE_P(ret) != IS_STRING) {
+   zval_ptr_dtor(ret);
+   RETURN_FALSE;
+   }
+
+   if (Z_STRLEN_P(ret) != Z_STRLEN_P(hash)) {
+   zval_ptr_dtor(ret);
+   RETURN_FALSE;
+   }
+
+   for (i = 0; i  Z_STRLEN_P(ret); i++) {
+   status |= (Z_STRVAL_P(ret)[i] ^ Z_STRVAL_P(hash)[i]);
+   }
+
+   zval_ptr_dtor(ret);
+
+   RETURN_BOOL(status == 0);
+   
 }
 
 PHP_FUNCTION(password_make_salt)
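
Review bot: Z_STRLEN_P(hash) and Z_STRVAL_P(hash) are read without checking that hash is a string. Both arguments are parsed with zz, so a zval of any type reaches the length comparison and the XOR loop; add a Z_TYPE_P(hash) != IS_STRING check (and the same for password) before the crypt call and return false with a warning. The XOR-accumulate loop reads as a deliberate constant-time comparison, and a one-line comment saying so would keep a later cleanup from replacing it with an early-exit compare.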





[PHP-CVS] com php-src: Actually complete password_create(): ext/standard/password.c ext/standard/php_password.h

2012-10-16 Thread Anthony Ferrara
Commit:7e41980fe4972e097e178c034f92920c9c63086c
Author:Anthony Ferrara ircmax...@ircmaxell.com Sun, 24 Jun 2012 
23:25:18 -0400
Parents:   c77f2c29585f97bd9dad533b9d2bc8334de34f1b
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=7e41980fe4972e097e178c034f92920c9c63086c

Log:
Actually complete password_create()

Changed paths:
  M  ext/standard/password.c
  M  ext/standard/php_password.h


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 677f132..9201ff3 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -28,7 +28,7 @@
 #include php_password.h
 #include php_rand.h
 #include base64.h
-
+#include zend_interfaces.h
 
 PHP_MINIT_FUNCTION(password) /* {{{ */
 {
@@ -139,15 +139,20 @@ PHP_FUNCTION(password_make_salt)
 Hash a password */
 PHP_FUNCTION(password_create)
 {
-char *password, *algo = 0, *hash_format, *hash, *salt;
-int password_len, algo_len = 0, salt_len = 0, required_salt_len = 0, 
hash_format_len;
+char *algo = 0, *hash_format, *hash, *salt;
+int algo_len = 0, salt_len = 0, required_salt_len = 0, hash_format_len;
 HashTable *options = 0;
-zval **option_buffer;
+zval **option_buffer, *ret, *password, *hash_zval;
 
-if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s|sH, 
password, password_len, algo, algo_len, options) == FAILURE) {
+if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, z|sH, 
password, algo, algo_len, options) == FAILURE) {
 RETURN_FALSE;
 }
 
+   if (Z_TYPE_P(password) != IS_STRING) {
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, Password must be a 
string);
+   RETURN_FALSE;
+   }
+
 if (algo_len == 0) {
algo = PHP_PASSWORD_DEFAULT;
 algo_len = strlen(PHP_PASSWORD_DEFAULT);
@@ -240,10 +245,26 @@ PHP_FUNCTION(password_create)
hash = emalloc(salt_len + hash_format_len + 1);
sprintf(hash, %s%s, hash_format, salt);
hash[hash_format_len + salt_len] = 0;
+
+   ALLOC_INIT_ZVAL(hash_zval);
+   ZVAL_STRINGL(hash_zval, hash, hash_format_len + salt_len, 0);
+
efree(hash_format);
efree(salt);
 
-RETURN_STRINGL(hash, hash_format_len + salt_len, 0);
+   zend_call_method_with_2_params(NULL, NULL, NULL, crypt, ret, 
password, hash_zval);
+
+   zval_ptr_dtor(hash_zval);
+
+   if (Z_TYPE_P(ret) != IS_STRING) {
+   zval_ptr_dtor(ret);
+   RETURN_FALSE;
+   } else if(Z_STRLEN_P(ret)  13) {
+   zval_ptr_dtor(ret);
+   RETURN_FALSE;
+   }
+
+   RETURN_ZVAL(ret, 0, 1);
 }
 /* }}} */
 
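
Review bot: the 13 in the Z_STRLEN_P(ret) check after the crypt call is an unexplained magic number. Give it a named constant or a comment stating which crypt output it is meant to reject, and emit a php_error_docref warning on both failure branches, because password_create currently returns false there with no indication that hashing failed.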
diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h
index f813189..5967840 100644
--- a/ext/standard/php_password.h
+++ b/ext/standard/php_password.h
@@ -33,7 +33,7 @@ PHP_MINIT_FUNCTION(password);
 #define PHP_PASSWORD_SHA2565
 #define PHP_PASSWORD_SHA5126
 
-#define PHP_PASSWORD_BCRYPT_DEFAULT_COST 14;
+#define PHP_PASSWORD_BCRYPT_DEFAULT_COST 12;
 #define PHP_PASSWORD_SHA_DEFAULT_ROUNDS 5000;
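
Review bot: PHP_PASSWORD_BCRYPT_DEFAULT_COST and PHP_PASSWORD_SHA_DEFAULT_ROUNDS are both defined with a trailing semicolon, so the semicolon is pasted into every expansion and the macros break as soon as they are used inside an expression or an argument list. Drop the semicolons. The commit message also gives no reason for lowering the default bcrypt cost from 14 to 12; a short comment next to the define recording the rationale would help the next reader.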





[PHP-CVS] com php-src: Base structure for password_create and password_make_salt: ext/standard/basic_functions.c ext/standard/config.m4 ext/standard/config.w32 ext/standard/password.c ext/standard/ph

2012-10-16 Thread Anthony Ferrara
Commit:c77f2c29585f97bd9dad533b9d2bc8334de34f1b
Author:Anthony Ferrara ircmax...@ircmaxell.com Sun, 24 Jun 2012 
22:44:43 -0400
Parents:   d68b614b09b984e915db50b72430db4e4731480c
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=c77f2c29585f97bd9dad533b9d2bc8334de34f1b

Log:
Base structure for password_create and password_make_salt

Changed paths:
  M  ext/standard/basic_functions.c
  M  ext/standard/config.m4
  M  ext/standard/config.w32
  A  ext/standard/password.c
  A  ext/standard/php_password.h
  M  ext/standard/php_standard.h

diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c
index 63d40ef..64025db 100644
--- a/ext/standard/basic_functions.c
+++ b/ext/standard/basic_functions.c
@@ -1866,6 +1866,21 @@ ZEND_END_ARG_INFO()
 ZEND_BEGIN_ARG_INFO(arginfo_getlastmod, 0)
 ZEND_END_ARG_INFO()
 /* }}} */
+/* {{{ password.c */
+ZEND_BEGIN_ARG_INFO_EX(arginfo_password_create, 0, 0, 1)
+   ZEND_ARG_INFO(0, password)
+   ZEND_ARG_INFO(0, algo)
+   ZEND_ARG_INFO(0, options)
+ZEND_END_ARG_INFO()
+ZEND_BEGIN_ARG_INFO_EX(arginfo_password_verify, 0, 0, 2)
+   ZEND_ARG_INFO(0, password)
+   ZEND_ARG_INFO(0, hash)
+ZEND_END_ARG_INFO()
+ZEND_BEGIN_ARG_INFO_EX(arginfo_password_make_salt, 0, 0, 1)
+   ZEND_ARG_INFO(0, length)
+   ZEND_ARG_INFO(0, raw_output)
+ZEND_END_ARG_INFO()
+/* }}} */
 /* {{{ proc_open.c */
 #ifdef PHP_CAN_SUPPORT_PROC_OPEN
 ZEND_BEGIN_ARG_INFO_EX(arginfo_proc_terminate, 0, 0, 1)
@@ -2880,6 +2895,10 @@ const zend_function_entry basic_functions[] = { /* {{{ */
PHP_FE(base64_decode,   
arginfo_base64_decode)
PHP_FE(base64_encode,   
arginfo_base64_encode)
 
+   PHP_FE(password_create, 
arginfo_password_create)
+   PHP_FE(password_verify, 
arginfo_password_verify)
+   PHP_FE(password_make_salt,  
arginfo_password_make_salt)
+
PHP_FE(convert_uuencode,
arginfo_convert_uuencode)
PHP_FE(convert_uudecode,
arginfo_convert_uudecode)
 
@@ -3630,6 +3649,7 @@ PHP_MINIT_FUNCTION(basic) /* {{{ */
BASIC_MINIT_SUBMODULE(browscap)
BASIC_MINIT_SUBMODULE(standard_filters)
BASIC_MINIT_SUBMODULE(user_filters)
+   BASIC_MINIT_SUBMODULE(password)
 
 #if defined(HAVE_LOCALECONV)  defined(ZTS)
BASIC_MINIT_SUBMODULE(localeconv)
diff --git a/ext/standard/config.m4 b/ext/standard/config.m4
index c33ae1e..fba423b 100644
--- a/ext/standard/config.m4
+++ b/ext/standard/config.m4
@@ -580,7 +580,7 @@ PHP_NEW_EXTENSION(standard, array.c base64.c 
basic_functions.c browscap.c crc32.
 incomplete_class.c url_scanner_ex.c 
ftp_fopen_wrapper.c \
 http_fopen_wrapper.c php_fopen_wrapper.c credits.c 
css.c \
 var_unserializer.c ftok.c sha1.c user_filters.c 
uuencode.c \
-filters.c proc_open.c streamsfuncs.c http.c)
+filters.c proc_open.c streamsfuncs.c http.c 
password.c)
 
 PHP_ADD_MAKEFILE_FRAGMENT
 PHP_INSTALL_HEADERS([ext/standard/])
diff --git a/ext/standard/config.w32 b/ext/standard/config.w32
index d14b859..5f24641b 100644
--- a/ext/standard/config.w32
+++ b/ext/standard/config.w32
@@ -19,7 +19,7 @@ EXTENSION(standard, array.c base64.c basic_functions.c 
browscap.c \
versioning.c assert.c strnatcmp.c levenshtein.c incomplete_class.c \
url_scanner_ex.c ftp_fopen_wrapper.c http_fopen_wrapper.c \
php_fopen_wrapper.c credits.c css.c var_unserializer.c ftok.c sha1.c \
-   user_filters.c uuencode.c filters.c proc_open.c \
+   user_filters.c uuencode.c filters.c proc_open.c password.c \
streamsfuncs.c http.c flock_compat.c, false /* never shared */);
PHP_INSTALL_HEADERS(, ext/standard);
 if (PHP_MBREGEX != no) {
diff --git a/ext/standard/password.c b/ext/standard/password.c
new file mode 100644
index 000..677f132
--- /dev/null
+++ b/ext/standard/password.c
@@ -0,0 +1,257 @@
+/*
+   +--+
+   | PHP Version 5|
+   +--+
+   | Copyright (c) 1997-2012 The PHP Group

Re: [PHP-CVS] com php-src: Really fix leaks, add test cases to prove it...: ext/standard/password.c ext/standard/tests/password/password_bcrypt_errors.phpt ext/standard/tests/password/password_hash_er

2012-10-16 Thread Anthony Ferrara
Nuno,

On Tue, Oct 16, 2012 at 2:14 PM, Nuno Lopes nlop...@php.net wrote:

 Hi,

  + case IS_BOOL:
 + case IS_NULL:
   case IS_RESOURCE:
   case IS_ARRAY:
   default:


 it doesn't make sense to have those cases and the default. Please remove
 all those useless cases.


I see it as self-documentation to include them as it indicates without
needing to think that it's intentional that they are treated as default. If
the overall consensus is that they should be removed, that's fine (and I'll
remove them). But I consider this more readable and easier to comprehend
than without...

Thoughts?

Anthony


[PHP-CVS] com php-src: More cleanup of documentation and comments, as well as code formatting: ext/hash/hash.c

2012-07-10 Thread Anthony Ferrara
Commit:03536e889ad29ed3b6153aafa77b647bdcfe2592
Author:Anthony Ferrara ircmax...@gmail.com Tue, 12 Jun 2012 
15:05:44 -0400
Parents:   2f1cd2cb1377bac9093ab539d936dd6c4a913916
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=03536e889ad29ed3b6153aafa77b647bdcfe2592

Log:
More cleanup of documentation and comments, as well as code formatting

Changed paths:
  M  ext/hash/hash.c


Diff:
diff --git a/ext/hash/hash.c b/ext/hash/hash.c
index 74c86a8..957575d 100644
--- a/ext/hash/hash.c
+++ b/ext/hash/hash.c
@@ -205,14 +205,14 @@ PHP_FUNCTION(hash_file)
 
 static inline void php_hash_string_xor_char(unsigned char *out, const unsigned 
char *in, const unsigned char xor_with, const int length) {
int i;
-   for(i=0; i  length; i++) {
+   for (i=0; i  length; i++) {
out[i] = in[i] ^ xor_with;
}
 }
 
 static inline void php_hash_string_xor(unsigned char *out, const unsigned char 
*in, const unsigned char *xor_with, const int length) {
int i;
-   for(i=0; i  length; i++) {
+   for (i=0; i  length; i++) {
out[i] = in[i] ^ xor_with[i];
}
 }
@@ -687,6 +687,11 @@ PHP_FUNCTION(hash_pbkdf2)
 
/* temp = digest */
memcpy(temp, digest, ops-digest_size);
+
+   /* 
+* Note that the loop starting at 1 is intentional, since we've 
already done
+* the first round of the algorithm.
+*/
for (j = 1; j  iterations; j++) {
/* digest = hash_hmac(digest, password) { */
php_hash_hmac_round(digest, ops, context, K1, digest, 
ops-digest_size);
@@ -698,7 +703,7 @@ PHP_FUNCTION(hash_pbkdf2)
/* result += temp */
memcpy(result + ((i - 1) * ops-digest_size), temp, 
ops-digest_size);
}
-   /* Zero potentiall sensitive variables */
+   /* Zero potentially sensitive variables */
memset(K1, 0, ops-block_size);
memset(K2, 0, ops-block_size);
memset(computed_salt, 0, salt_len + 4);





[PHP-CVS] com php-src: Fix tests to use proper casing: ext/hash/tests/hash_pbkdf2_error.phpt

2012-07-10 Thread Anthony Ferrara
Commit:2f1cd2cb1377bac9093ab539d936dd6c4a913916
Author:Anthony Ferrara ircmax...@gmail.com Tue, 12 Jun 2012 
14:52:43 -0400
Parents:   43eb8dc04af1480b3caa62d252ede28dcb059c7b
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=2f1cd2cb1377bac9093ab539d936dd6c4a913916

Log:
Fix tests to use proper casing

Changed paths:
  M  ext/hash/tests/hash_pbkdf2_error.phpt


Diff:
diff --git a/ext/hash/tests/hash_pbkdf2_error.phpt 
b/ext/hash/tests/hash_pbkdf2_error.phpt
index 6b827da..fd70cca 100644
--- a/ext/hash/tests/hash_pbkdf2_error.phpt
+++ b/ext/hash/tests/hash_pbkdf2_error.phpt
@@ -67,12 +67,12 @@ hash_pbkdf2(): Unknown hashing algorithm: foo
 
 -- Testing hash_pbkdf2() function with invalid iterations --
 bool(false)
-hash_pbkdf2(): Iterations Must Be A Positive Integer: 0
+hash_pbkdf2(): Iterations must be a positive integer: 0
 bool(false)
-hash_pbkdf2(): Iterations Must Be A Positive Integer: -1
+hash_pbkdf2(): Iterations must be a positive integer: -1
 
 -- Testing hash_pbkdf2() function with invalid length --
 bool(false)
-hash_pbkdf2(): Length Must Be Greater Than Or Equal To 0: -1
+hash_pbkdf2(): Length must be greater than or equal to 0: -1
 
 ===Done===





[PHP-CVS] com php-src: Remove un-needed memset, and replacing stray spaces: ext/hash/hash.c

2012-07-10 Thread Anthony Ferrara
Commit:43eb8dc04af1480b3caa62d252ede28dcb059c7b
Author:Anthony Ferrara ircmax...@gmail.com Tue, 12 Jun 2012 
14:32:21 -0400
Parents:   df3d351cad7ecc2b6087e7f26edf6fa8b22cd960
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=43eb8dc04af1480b3caa62d252ede28dcb059c7b

Log:
Remove un-needed memset, and replacing stray spaces

Changed paths:
  M  ext/hash/hash.c


Diff:
diff --git a/ext/hash/hash.c b/ext/hash/hash.c
index 40023f7..74c86a8 100644
--- a/ext/hash/hash.c
+++ b/ext/hash/hash.c
@@ -652,7 +652,6 @@ PHP_FUNCTION(hash_pbkdf2)
temp = emalloc(ops-digest_size);
 
/* Setup Keys that will be used for all hmac rounds */
-   memset(K2, 0, ops-block_size);
php_hash_hmac_prep_key(K1, ops, context, (unsigned char *) pass, 
pass_len);
/* Convert K1 to opad -- 0x6A = 0x36 ^ 0x5C */
php_hash_string_xor_char(K2, K1, 0x6A, ops-block_size);
@@ -661,7 +660,7 @@ PHP_FUNCTION(hash_pbkdf2)
if (length == 0) {
length = ops-digest_size;
}
-digest_length = length;
+   digest_length = length;
if (!raw_output) {
digest_length = (long) ceil((float) length / 2.0);
}
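
Review bot: in the context lines of the second hunk, digest_length = (long) ceil((float) length / 2.0) goes through a float, which cannot represent every long exactly, so a large length can round to the wrong value. Integer arithmetic such as (length + 1) / 2 gives the same result for valid input without the conversion, and it would be worth changing while this block is being touched.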





[PHP-CVS] com php-src: Update error messages to be more in line with PHP standards: ext/hash/hash.c

2012-07-10 Thread Anthony Ferrara
Commit:df3d351cad7ecc2b6087e7f26edf6fa8b22cd960
Author:Anthony Ferrara ircmax...@gmail.com Tue, 12 Jun 2012 
14:10:35 -0400
Parents:   4918a6bd23f907b6712bdd04fcd265a411b0
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=df3d351cad7ecc2b6087e7f26edf6fa8b22cd960

Log:
Update error messages to be more in line with PHP standards

Changed paths:
  M  ext/hash/hash.c


Diff:
diff --git a/ext/hash/hash.c b/ext/hash/hash.c
index 71f3753..40023f7 100644
--- a/ext/hash/hash.c
+++ b/ext/hash/hash.c
@@ -629,12 +629,12 @@ PHP_FUNCTION(hash_pbkdf2)
}
 
if (iterations = 0) {
-   php_error_docref(NULL TSRMLS_CC, E_WARNING, Iterations Must Be 
A Positive Integer: %ld, iterations);
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, Iterations must be 
a positive integer: %ld, iterations);
RETURN_FALSE;
}
 
if (length  0) {
-   php_error_docref(NULL TSRMLS_CC, E_WARNING, Length Must Be 
Greater Than Or Equal To 0: %ld, length);
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, Length must be 
greater than or equal to 0: %ld, length);
RETURN_FALSE;
}





[PHP-CVS] com php-src: refactor away un-necessary casts in hashing routines: ext/hash/hash.c

2012-07-10 Thread Anthony Ferrara
Commit:4918a6bd23f907b6712bdd04fcd265a411b0
Author:Anthony Ferrara ircmax...@gmail.com Tue, 12 Jun 2012 
14:09:16 -0400
Parents:   550253f6529bfa56e494505e6517500f98c7223a
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=4918a6bd23f907b6712bdd04fcd265a411b0

Log:
refactor away un-necessary casts in hashing routines

Changed paths:
  M  ext/hash/hash.c


Diff:
diff --git a/ext/hash/hash.c b/ext/hash/hash.c
index 7f0d36f..71f3753 100644
--- a/ext/hash/hash.c
+++ b/ext/hash/hash.c
@@ -222,8 +222,8 @@ static inline void php_hash_hmac_prep_key(unsigned char *K, 
const php_hash_ops *
if (key_len  ops-block_size) {
/* Reduce the key first */
ops-hash_init(context);
-   ops-hash_update(context, (unsigned char *) key, key_len);
-   ops-hash_final((unsigned char *) K, context);
+   ops-hash_update(context, key, key_len);
+   ops-hash_final(K, context);
} else {
memcpy(K, key, key_len);
}





[PHP-CVS] com php-src: Update NEWS to fix typo, add name: NEWS

2012-07-10 Thread Anthony Ferrara
Commit:550253f6529bfa56e494505e6517500f98c7223a
Author:Anthony Ferrara ircmax...@gmail.com Tue, 12 Jun 2012 
13:51:18 -0400
Parents:   6387498823c85e07a549c189ba0ec33cb6e0d90c
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=550253f6529bfa56e494505e6517500f98c7223a

Log:
Update NEWS to fix typo, add name

Changed paths:
  M  NEWS


Diff:
diff --git a/NEWS b/NEWS
index dc42650..37e443d 100644
--- a/NEWS
+++ b/NEWS
@@ -43,7 +43,7 @@ PHP   
 NEWS
   . Fixed bug #54995 (Missing CURLINFO_RESPONSE_CODE support). (Pierrick)
 
 - Hash
-  . Added support for PBKDF2 via hash_pbkdf2()F
+  . Added support for PBKDF2 via hash_pbkdf2(). (Anthony Ferrara)
 
 - MySQLi
   . Dropped support for LOAD DATA LOCAL INFILE handlers when using libmysql.





[PHP-CVS] com php-src: Create hash_pbkdf2 function addition: NEWS ext/hash/hash.c ext/hash/php_hash.h ext/hash/tests/hash_pbkdf2_basic.phpt ext/hash/tests/hash_pbkdf2_error.phpt

2012-07-10 Thread Anthony Ferrara
Commit:6387498823c85e07a549c189ba0ec33cb6e0d90c
Author:Anthony Ferrara ircmax...@gmail.com Tue, 12 Jun 2012 
09:57:11 -0400
Parents:   5b3c9f4fd1fbaa251beea37ff7870f6523320672
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=6387498823c85e07a549c189ba0ec33cb6e0d90c

Log:
Create hash_pbkdf2 function addition

Changed paths:
  M  NEWS
  M  ext/hash/hash.c
  M  ext/hash/php_hash.h
  A  ext/hash/tests/hash_pbkdf2_basic.phpt
  A  ext/hash/tests/hash_pbkdf2_error.phpt

diff --git a/NEWS b/NEWS
index e9e70e9..dc42650 100644
--- a/NEWS
+++ b/NEWS
@@ -42,6 +42,9 @@ PHP   
 NEWS
still exists for backward compatibility but is doing nothing). 
(Pierrick)
   . Fixed bug #54995 (Missing CURLINFO_RESPONSE_CODE support). (Pierrick)
 
+- Hash
+  . Added support for PBKDF2 via hash_pbkdf2()F
+
 - MySQLi
   . Dropped support for LOAD DATA LOCAL INFILE handlers when using libmysql.
 Known for stability problems. (Andrey)
diff --git a/ext/hash/hash.c b/ext/hash/hash.c
index 895d64d..7f0d36f 100644
--- a/ext/hash/hash.c
+++ b/ext/hash/hash.c
@@ -23,6 +23,7 @@
 #include config.h
 #endif
 
+#include math.h
 #include php_hash.h
 #include ext/standard/info.h
 #include ext/standard/file.h
@@ -202,10 +203,45 @@ PHP_FUNCTION(hash_file)
 }
 /* }}} */
 
+static inline void php_hash_string_xor_char(unsigned char *out, const unsigned 
char *in, const unsigned char xor_with, const int length) {
+   int i;
+   for(i=0; i  length; i++) {
+   out[i] = in[i] ^ xor_with;
+   }
+}
+
+static inline void php_hash_string_xor(unsigned char *out, const unsigned char 
*in, const unsigned char *xor_with, const int length) {
+   int i;
+   for(i=0; i  length; i++) {
+   out[i] = in[i] ^ xor_with[i];
+   }
+}
+
+static inline void php_hash_hmac_prep_key(unsigned char *K, const php_hash_ops 
*ops, void *context, const unsigned char *key, const int key_len) {
+   memset(K, 0, ops-block_size);
+   if (key_len  ops-block_size) {
+   /* Reduce the key first */
+   ops-hash_init(context);
+   ops-hash_update(context, (unsigned char *) key, key_len);
+   ops-hash_final((unsigned char *) K, context);
+   } else {
+   memcpy(K, key, key_len);
+   }
+   /* XOR the key with 0x36 to get the ipad) */
+   php_hash_string_xor_char(K, K, 0x36, ops-block_size);
+}
+
+static inline void php_hash_hmac_round(unsigned char *final, const 
php_hash_ops *ops, void *context, const unsigned char *key, const unsigned char 
*data, const long data_size) {
+   ops-hash_init(context);
+   ops-hash_update(context, key, ops-block_size);
+   ops-hash_update(context, data, data_size);
+   ops-hash_final(final, context);
+}
+
 static void php_hash_do_hash_hmac(INTERNAL_FUNCTION_PARAMETERS, int 
isfilename, zend_bool raw_output_default) /* {{{ */
 {
char *algo, *data, *digest, *key, *K;
-   int algo_len, data_len, key_len, i;
+   int algo_len, data_len, key_len;
zend_bool raw_output = raw_output_default;
const php_hash_ops *ops;
void *context;
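
Review bot: php_hash_hmac_prep_key returns K already XORed with 0x36, which the name does not suggest and which callers must know in order to derive the opad key from it. Add a doc comment on each new helper stating that K is a block_size buffer holding the ipad key on return, and fix the stray closing parenthesis in the "XOR the key with 0x36 to get the ipad)" comment. The length parameters are also inconsistent (const int for key_len and length, const long for data_size); pick one type for all four helpers.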
@@ -230,52 +266,29 @@ static void 
php_hash_do_hash_hmac(INTERNAL_FUNCTION_PARAMETERS, int isfilename,
}
 
context = emalloc(ops-context_size);
-   ops-hash_init(context);
 
K = emalloc(ops-block_size);
-   memset(K, 0, ops-block_size);
+   digest = emalloc(ops-digest_size + 1);
 
-   if (key_len  ops-block_size) {
-   /* Reduce the key first */
-   ops-hash_update(context, (unsigned char *) key, key_len);
-   ops-hash_final((unsigned char *) K, context);
-   /* Make the context ready to start over */
-   ops-hash_init(context);
-   } else {
-   memcpy(K, key, key_len);
-   }
-   
-   /* XOR ipad */
-   for(i=0; i  ops-block_size; i++) {
-   K[i] ^= 0x36;
-   }
-   ops-hash_update(context, (unsigned char *) K, ops-block_size);
+   php_hash_hmac_prep_key((unsigned char *) K, ops, context, (unsigned 
char *) key, key_len);  
 
if (isfilename) {
char buf[1024];
int n;
-
+   ops-hash_init(context);
+   ops-hash_update(context, (unsigned char *) K, ops-block_size);
while ((n = php_stream_read(stream, buf, sizeof(buf)))  0) {
ops-hash_update(context, (unsigned char *) buf, n);
}
php_stream_close(stream);
+   ops-hash_final((unsigned char *) digest, context);
} else {
-   ops-hash_update(context, (unsigned char *) data, data_len);
+   php_hash_hmac_round((unsigned char *) digest, ops, context, 
(unsigned char *) K, (unsigned char *) data, data_len);
}
 
-   digest = emalloc(ops

[PHP-CVS] com php-src: Add new function hash_pbkdf2() to UPGRADING doc: UPGRADING

2012-07-10 Thread Anthony Ferrara
Commit:bf0154896705afe0da6ee1c7af4dc3d75afd194b
Author:Anthony Ferrara ircmax...@gmail.com Tue, 10 Jul 2012 
13:13:30 -0400
Parents:   731c6fd274932a4d31a76a38a4006cad6ffc50d3
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=bf0154896705afe0da6ee1c7af4dc3d75afd194b

Log:
Add new function hash_pbkdf2() to UPGRADING doc

Changed paths:
  M  UPGRADING


Diff:
diff --git a/UPGRADING b/UPGRADING
index 77fe972..8b52be2 100755
--- a/UPGRADING
+++ b/UPGRADING
@@ -97,6 +97,9 @@ PHP X.Y UPGRADE NOTES
 - Core:
   - boolval()
 
+- Hash:
+  - hash_pbkdf2()
+
 - Intl:
   - datefmt_get_calendar_object()
   - datefmt_get_timezone()





[PHP-CVS] com php-src: Fix two issues with run-tests.php: run-tests.php

2012-07-06 Thread Anthony Ferrara
Commit:26b37f1792dfaf9b0b30f81e492c8f68b9ece571
Author:Anthony Ferrara ircmax...@php.net Fri, 6 Jul 2012 22:37:50 
-0400
Parents:   157ddd95773114c1148536b4b32fcbedf0c79b20
Branches:  PHP-5.3 PHP-5.4 master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=26b37f1792dfaf9b0b30f81e492c8f68b9ece571

Log:
Fix two issues with run-tests.php

1. E_STRICT error due to passing return of array_intersect() into reset() 
directly
2. Details in junit output can produce invalid UTF-8 and XML due to unescaped 
characters

Changed paths:
  M  run-tests.php


Diff:
diff --git a/run-tests.php b/run-tests.php
index 2a46986..302167a 100755
--- a/run-tests.php
+++ b/run-tests.php
@@ -2668,12 +2668,15 @@ function junit_mark_test_as($type, $file_name, 
$test_name, $time = null, $messag
$time = null !== $time ? $time : junit_get_timer($file_name);
junit_suite_record($suite, 'execution_time', $time);
 
+   $escaped_details = htmlspecialchars($details, ENT_QUOTES, 'UTF-8');
+
 $escaped_test_name = basename($file_name) . ' - ' . 
htmlspecialchars($test_name, ENT_QUOTES);
 $JUNIT['files'][$file_name]['xml'] = testcase classname='$suite' 
name='$escaped_test_name' time='$time'\n;
 
if (is_array($type)) {
$output_type = $type[0] . 'ED';
-   $type = reset(array_intersect(array('XFAIL', 'FAIL'), $type));
+   $temp = array_intersect(array('XFAIL', 'FAIL'), $type);
+   $type = reset($temp);
} else {
$output_type = $type . 'ED';
}
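Review bot: On the added $escaped_details line, htmlspecialchars() with an explicit 'UTF-8' charset returns an empty string when its input is not valid UTF-8, unless ENT_IGNORE or ENT_SUBSTITUTE is set, so the details of exactly the tests this change targets would disappear from the report without a trace. Normalise $details to valid UTF-8 before escaping, or pass a flag that tolerates invalid sequences, and give the $escaped_test_name call just below the same 'UTF-8' argument so both values are escaped under one charset on every branch this lands on.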
@@ -2688,10 +2691,10 @@ function junit_mark_test_as($type, $file_name, 
$test_name, $time = null, $messag
$JUNIT['files'][$file_name]['xml'] .= 
skipped$message/skipped\n;
} elseif('FAIL' == $type) {
junit_suite_record($suite, 'test_fail');
-   $JUNIT['files'][$file_name]['xml'] .= failure 
type='$output_type' message='$message'$details/failure\n;
+   $JUNIT['files'][$file_name]['xml'] .= failure 
type='$output_type' message='$message'$escaped_details/failure\n;
} else {
junit_suite_record($suite, 'test_error');
-   $JUNIT['files'][$file_name]['xml'] .= error 
type='$output_type' message='$message'$details/error\n;
+   $JUNIT['files'][$file_name]['xml'] .= error 
type='$output_type' message='$message'$escaped_details/error\n;
}
 
$JUNIT['files'][$file_name]['xml'] .= /testcase\n;
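Review bot: $message is still interpolated raw into the single-quoted message='...' attribute on both the failure and the error line, so a message containing ', < or & breaks the XML in the same way $details did. Escape it with the same htmlspecialchars($message, ENT_QUOTES, 'UTF-8') call, unless it is already escaped earlier in junit_mark_test_as(), which this hunk does not show.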





[PHP-CVS] com php-src: Merge branch 'PHP-5.4': run-tests.php

2012-07-06 Thread Anthony Ferrara
Commit:6abd7365d041f07ab2ac16de22091e6b3065d69b
Author:Anthony Ferrara ircmax...@php.net Fri, 6 Jul 2012 22:39:32 
-0400
Parents:   ed54357fcded8849c6830fa80b42bdde4650fdb8 
79ed100c19667ecf8b8fcb445bd52bf8c22cee0a
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=6abd7365d041f07ab2ac16de22091e6b3065d69b

Log:
Merge branch 'PHP-5.4'

* PHP-5.4:
  Fix two issues with run-tests.php

Changed paths:
  MM  run-tests.php


Diff:






[PHP-CVS] com php-src: Merge branch 'PHP-5.3' into PHP-5.4: NEWS ext/standard/crypt.c

2012-06-28 Thread Anthony Ferrara
Commit:34ab5650bcea46825ed1f9021c5a52b161705c27
Author:Anthony Ferrara ircmax...@ircmaxell.com Thu, 28 Jun 2012 
20:36:21 -0400
Parents:   405ebfcd182a39f0960ff7d7055d49053d3e0316 
7e8276ca68fc622124d51d18e4f7b5cde3536de4
Branches:  PHP-5.4 master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=34ab5650bcea46825ed1f9021c5a52b161705c27

Log:
Merge branch 'PHP-5.3' into PHP-5.4

* PHP-5.3:
  Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt)

Bugs:
https://bugs.php.net/62443

Changed paths:
  MM  NEWS
  MM  ext/standard/crypt.c


Diff:
diff --cc NEWS
index b1de5f1,80d56bc..6821a7e
--- a/NEWS
+++ b/NEWS
@@@ -1,39 -1,39 +1,41 @@@
  PHP
NEWS
  
|||
 -?? ??? 2012, PHP 5.3.15
 -- Zend Engine:
 -  . Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that
 -includes a semi-colon). (Pierrick)
 -
 -- COM:
 -  . Fixed bug #62146 com_dotnet cannot be built shared. (Johannes)
 +?? ??? 2012, PHP 5.4.5
  
  - Core:
 -  . Fixed CVE-2012-2143. (Solar Designer)
 -  . Fixed potential overflow in _php_stream_scandir. (Jason Powell,
 -Stas)
 -  . Fixed bug #62432 (ReflectionMethod random corrupt memory on high
 -concurrent). (Johannes)
 +  . Fixed bug #62357 (compile failure: (S) Arguments missing for built-in
 +function __memcmp). (Laruence)
 +  . Fixed bug #61998 (Using traits with method aliases appears to result in
 +crash during execution). (Dmitry)
 +  . Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that
 +includes a semi-colon). (Pierrick)
 +  . Fixed potential overflow in _php_stream_scandir (CVE-2012-2688). 
 +(Jason Powell, Stas)
+   . Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed 
+ Salt). (Anthony Ferrara)
  
 -- Fileinfo:
 -  . Fixed magic file regex support. (Felipe)
 +- EXIF:
 +  . Fixed information leak in ext exif (discovered by Martin Noga, 
 +Matthew j00ru Jurczyk, Gynvael Coldwind)
  
  - FPM:
 -  . Fixed bug #61045 (fpm don't send error log to fastcgi clients). (fat)
 +  . Fixed bug #62205 (php-fpm segfaults (null passed to strstr)). (fat)
 +  . Fixed bug #62160 (Add process.priority to set nice(2) priorities). (fat)
 +  . Fixed bug #62153 (when using unix sockets, multiples FPM instances
 +  . Fixed bug #62033 (php-fpm exits with status 0 on some failures to start).
 +(fat)
 +  . Fixed bug #61839 (Unable to cross-compile PHP with --enable-fpm). (fat)
. Fixed bug #61835 (php-fpm is not allowed to run as root). (fat)
. Fixed bug #61295 (php-fpm should not fail with commented 'user'
 +  . Fixed bug #61218 (FPM drops connection while receiving some binary values
 +in FastCGI requests). (fat)
 +  . Fixed bug #61045 (fpm don't send error log to fastcgi clients). (fat)
  for non-root start). (fat)
. Fixed bug #61026 (FPM pools can listen on the same address). (fat)
 -  . Fixed bug #62033 (php-fpm exits with status 0 on some failures to start).
 -(fat)
 -  . Fixed bug #62153 (when using unix sockets, multiples FPM instances
  can be launched without errors). (fat)
 -  . Fixed bug #62160 (Add process.priority to set nice(2) priorities). (fat)
 -  . Fixed bug #61218 (FPM drops connection while receiving some binary values
 -in FastCGI requests). (fat)
 -  . Fixed bug #62205 (php-fpm segfaults (null passed to strstr)). (fat)
 +
 +- Iconv:
 +  . Fix bug #55042 (Erealloc in iconv.c unsafe). (Stas)
  
  - Intl:
. Fixed bug #62083 (grapheme_extract() memory leaks). (Gustavo)
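Review bot: In the FPM section the merge resolution separates wrapped entries from their continuation lines: the #62153 entry ("when using unix sockets, multiples FPM instances") is followed directly by #62033, and its tail "can be launched without errors). (fat)" ends up after #61026; the #61295 entry and "for non-root start). (fat)" are split the same way. Re-resolve this block so that each continuation line sits directly under its own entry.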
diff --cc ext/standard/crypt.c
index 9a1fcf1,2eb4fc3..3ade86a
--- a/ext/standard/crypt.c
+++ b/ext/standard/crypt.c
@@@ -199,8 -199,8 +199,8 @@@ PHP_FUNCTION(crypt
char *output;
int needed = (sizeof(sha512_salt_prefix) - 1
+ sizeof(sha512_rounds_prefix) 
+ 9 + 1
-   + strlen(salt) + 1 + 43 + 1);
+   + PHP_MAX_SALT_LEN + 1 + 43 + 
1);
 -  output = emalloc(needed * sizeof(char *));
 +  output = emalloc(needed);
salt[salt_in_len] = '\0';
  
crypt_res = php_sha512_crypt_r(str, salt, output, 
needed);
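Review bot: Nothing in this hunk shows salt_in_len being bounded before the context line salt[salt_in_len] = '\0'; yet with needed now derived from PHP_MAX_SALT_LEN instead of the salt, both that write and the buffer length passed to php_sha512_crypt_r depend on salt_in_len never exceeding PHP_MAX_SALT_LEN. Confirm the clamp exists above this block, or add an explicit check next to the allocation so the invariant is stated where it is relied on.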
@@@ -222,8 -222,8 +222,8 @@@
char *output;
int needed = (sizeof(sha256_salt_prefix) - 1
+ sizeof(sha256_rounds_prefix) 
+ 9 + 1
-   + strlen(salt) + 1 + 43 + 1);
+   + PHP_MAX_SALT_LEN + 1 + 43 + 
1);
 -  output = emalloc(needed * sizeof(char *));
 +  output = emalloc(needed);
salt[salt_in_len] = '\0

[PHP-CVS] com php-src: Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt): NEWS ext/standard/crypt.c ext/standard/tests/strings/bug62443.phpt

2012-06-28 Thread Anthony Ferrara
Commit:7e8276ca68fc622124d51d18e4f7b5cde3536de4
Author:Anthony Ferrara ircmax...@ircmaxell.com Thu, 28 Jun 2012 
20:00:03 -0400
Parents:   974324676b2436f159f42d9241c569f813471684
Branches:  PHP-5.3 PHP-5.4 master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=7e8276ca68fc622124d51d18e4f7b5cde3536de4

Log:
Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt)

Fixed a memory allocation bug in crypt() SHA256/512 that can
cause segmentation faults when passed in salts with a null byte
early.

Bugs:
https://bugs.php.net/62443

Changed paths:
  M  NEWS
  M  ext/standard/crypt.c
  A  ext/standard/tests/strings/bug62443.phpt


Diff:
diff --git a/NEWS b/NEWS
index 520aa19..80d56bc 100644
--- a/NEWS
+++ b/NEWS
@@ -14,6 +14,8 @@ PHP   
 NEWS
 Stas)
   . Fixed bug #62432 (ReflectionMethod random corrupt memory on high
 concurrent). (Johannes)
+  . Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed 
+Salt). (Anthony Ferrara)
 
 - Fileinfo:
   . Fixed magic file regex support. (Felipe)
diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c
index e0d90e7..2eb4fc3 100644
--- a/ext/standard/crypt.c
+++ b/ext/standard/crypt.c
@@ -199,7 +199,7 @@ PHP_FUNCTION(crypt)
char *output;
int needed = (sizeof(sha512_salt_prefix) - 1
+ sizeof(sha512_rounds_prefix) 
+ 9 + 1
-   + strlen(salt) + 1 + 43 + 1);
+   + PHP_MAX_SALT_LEN + 1 + 43 + 
1);
output = emalloc(needed * sizeof(char *));
salt[salt_in_len] = '\0';
 
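Review bot: The + 43 term in this SHA-512 branch is the encoded length of a SHA-256 digest; a SHA-512 crypt hash encodes to 86 characters, so needed covers the full output only if PHP_MAX_SALT_LEN leaves at least that much slack over the salt that actually ends up in the result. Use 86 here so the size is correct on its own terms rather than by headroom from another constant.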
@@ -222,7 +222,7 @@ PHP_FUNCTION(crypt)
char *output;
int needed = (sizeof(sha256_salt_prefix) - 1
+ sizeof(sha256_rounds_prefix) 
+ 9 + 1
-   + strlen(salt) + 1 + 43 + 1);
+   + PHP_MAX_SALT_LEN + 1 + 43 + 
1);
output = emalloc(needed * sizeof(char *));
salt[salt_in_len] = '\0';
 
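Review bot: The unchanged allocation line output = emalloc(needed * sizeof(char *)); multiplies a byte count by the size of a pointer, which over-allocates and can hide an under-sized needed instead of exposing it. Allocate emalloc(needed) in both the SHA-512 and SHA-256 branches so the allocation matches the length the code works with.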
diff --git a/ext/standard/tests/strings/bug62443.phpt 
b/ext/standard/tests/strings/bug62443.phpt
new file mode 100644
index 000..9e0dc38
--- /dev/null
+++ b/ext/standard/tests/strings/bug62443.phpt
@@ -0,0 +1,9 @@
+--TEST--
+Bug #62443 Crypt SHA256/512 Segfaults With Malformed Salt
+--FILE--
+?php
+crypt(foo, '$5$'.chr(0).'abc');
+crypt(foo, '$6$'.chr(0).'abc');
+echo OK!;
+--EXPECT--
+OK!
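Review bot: Both crypt() calls in the --FILE-- section discard their return value, so the test only proves that the process survives and would still pass if crypt() returned garbage or a failure token for these salts. Dump or compare the two results in --EXPECT--, and consider adding a case with a rounds= prefix ahead of the null byte so the other parsing path of the salt is covered as well.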





[PHP-CVS] com php-src: Merge branch 'PHP-5.4': NEWS

2012-06-28 Thread Anthony Ferrara
Commit:63318772ae2fc3b69391f38764b3ab9e834e9120
Author:Anthony Ferrara ircmax...@ircmaxell.com Thu, 28 Jun 2012 
20:38:31 -0400
Parents:   cd7ab5cd11f156d58306539f6298f1661bf06cab 
34ab5650bcea46825ed1f9021c5a52b161705c27
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=63318772ae2fc3b69391f38764b3ab9e834e9120

Log:
Merge branch 'PHP-5.4'

* PHP-5.4:
  Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt)

Bugs:
https://bugs.php.net/62443

Changed paths:
  MM  NEWS


Diff: Diff exceeded maximum size




[PHP-CVS] com php-src: Restore old NEWS file, and re-add new entry.: NEWS

2012-06-28 Thread Anthony Ferrara
Commit:e778b03307ef51a501136f6876495dc2e7409e41
Author:Anthony Ferrara ircmax...@gmail.com Thu, 28 Jun 2012 
22:43:59 -0400
Parents:   da5fb9cb98aca68d85d89a40244d4941d8442310
Branches:  master

Link:   
http://git.php.net/?p=php-src.git;a=commitdiff;h=e778b03307ef51a501136f6876495dc2e7409e41

Log:
Restore old NEWS file, and re-add new entry.

This fixes a merge artifact where the 5.4 NEWS
file was accidentally brought in.

Changed paths:
  M  NEWS

diff --git a/NEWS b/NEWS
index 1b658c7..e76c564 100644
--- a/NEWS
+++ b/NEWS
@@ -2,338 +2,6 @@ PHP   
 NEWS
 |||
 ?? ??? 201?, PHP 5.5.0
 
-- Core:
-  . Fixed bug #62357 (compile failure: (S) Arguments missing for built-in
-function __memcmp). (Laruence)
-  . Fixed bug #61998 (Using traits with method aliases appears to result in
-crash during execution). (Dmitry)
-  . Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that
-includes a semi-colon). (Pierrick)
-  . Fixed potential overflow in _php_stream_scandir (CVE-2012-2688). 
-(Jason Powell, Stas)
-  . Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed 
-Salt). (Anthony Ferrara)
-
-- EXIF:
-  . Fixed information leak in ext exif (discovered by Martin Noga, 
-Matthew j00ru Jurczyk, Gynvael Coldwind)
-
-- FPM:
-  . Fixed bug #62205 (php-fpm segfaults (null passed to strstr)). (fat)
-  . Fixed bug #62160 (Add process.priority to set nice(2) priorities). (fat)
-  . Fixed bug #62153 (when using unix sockets, multiples FPM instances
-  . Fixed bug #62033 (php-fpm exits with status 0 on some failures to start).
-(fat)
-  . Fixed bug #61839 (Unable to cross-compile PHP with --enable-fpm). (fat)
-  . Fixed bug #61835 (php-fpm is not allowed to run as root). (fat)
-  . Fixed bug #61295 (php-fpm should not fail with commented 'user'
-  . Fixed bug #61218 (FPM drops connection while receiving some binary values
-in FastCGI requests). (fat)
-  . Fixed bug #61045 (fpm don't send error log to fastcgi clients). (fat)
-for non-root start). (fat)
-  . Fixed bug #61026 (FPM pools can listen on the same address). (fat)
-can be launched without errors). (fat)
-
-- Iconv:
-  . Fix bug #55042 (Erealloc in iconv.c unsafe). (Stas)
-
-- Intl:
-  . Fixed bug #62083 (grapheme_extract() memory leaks). (Gustavo)
-  . ResourceBundle constructor now accepts NULL for the first two arguments.
-(Gustavo)
-  . Fixed bug #62081 (IntlDateFormatter constructor leaks memory when called
-twice). (Gustavo)
-  . Fixed bug #62070 (Collator::getSortKey() returns garbage). (Gustavo)
-  . Fixed bug #62017 (datefmt_create with incorrectly encoded timezone leaks
-pattern). (Gustavo)
-
-- libxml:
-  . Fixed bug #62266 (Custom extension segfaults during xmlParseFile with FPM
-SAPI). (Gustavo)
-
-- Readline:
-  . Fixed bug #62186 (readline fails to compile - void function should not
-return a value). (Johannes)
-
-- Reflection:
-  . Fixed bug #62384 (Attempting to invoke a Closure more than once causes 
-segfault). (Felipe)
-  . Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory leaks 
-with constant). (Laruence)
-
-- Sockets:
-  . Fixed bug #62025 (__ss_family was changed on AIX 5.3). (Felipe)
-
-- XML Writer:
-  . Fixed bug #62064 (memory leak in the XML Writer module). 
-(jean-pierre dot lozi at lip6 dot fr)
-
-- Zip:
-  . Upgraded libzip to 0.10.1 (Anatoliy)
-
-14 Jun 2012, PHP 5.4.4
-
-- COM:
-  . Fixed bug #62146 com_dotnet cannot be built shared. (Johannes)
-
-- CLI Server:
-  . Implemented FR #61977 (Need CLI web-server support for files with .htm  
-svg extensions). (Sixd, Laruence)
-  . Improved performance while sending error page, this also fixed
-bug #61785 (Memory leak when access a non-exists file without router).
-(Laruence)
-  . Fixed bug #61546 (functions related to current script failed when chdir() 
-in cli sapi). (Laruence, reeze@gmail.com)
-
-- CURL:
-  . Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction).
-(Laruence)
-
-- Core:
-  . Fixed missing bound check in iptcparse(). (chris at chiappa.net)
-  . Fixed CVE-2012-2143. (Solar Designer)
-  . Fixed bug #62097 (fix for for bug #54547). (Gustavo)
-  . Fixed bug #62005 (unexpected behavior when incrementally assigning to a 
-member of a null object). (Laruence)
-  . Fixed bug #61978 (Object recursion not detected for classes that implement
-JsonSerializable). (Felipe)
-  . Fixed bug #61991 (long overflow in realpath_cache_get()). (Anatoliy)
-  . Fixed bug #61922 (ZTS build doesn't accept zend.script_encoding config).
-(Laruence)
-  . Fixed bug #61827 (incorrect \e processing on Windows) (Anatoliy)
-  . Fixed bug #61782 (__clone/__destruct do not match other methods when 
checking
-access controls). (Stas)
-  . Fixed bug #61761 ('Overriding' a private

[PHP-CVS] Re: [PHP-DEV] Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/Zend/zend_API.c trunk/NEWS trunk/Zend/zend_API.c

2012-02-27 Thread Anthony Ferrara
Out of curiosity, why are you changing it to copy the object for the
result of the cast operation?  cast_object should init the result
zval, so why go through the step of copying the starting object to it?
 Wouldn't it be easier just to do:

    if (Z_OBJ_HANDLER_PP(arg, cast_object)) {
        zval *result;
        ALLOC_ZVAL(result);
        if (Z_OBJ_HANDLER_P(*arg, cast_object)(*arg, result, type TSRMLS_CC) == SUCCESS) {
            zval_ptr_dtor(arg);
            *pl = Z_STRLEN_PP(result);
            *p = Z_STRVAL_PP(result);
            zval_ptr_dtor(result);
            return SUCCESS;
        }
        zval_ptr_dtor(result);
    }

Keeping both completely separate, and not having the possibility of
corrupting the arg object pointer?  As it is right now (with the patch
in the first mail), wouldn't the possibility still exist of nuking the
arg object pointer which could be used elsewhere (and hence cause the
memory leak and segfault when that variable is referenced again)?

(Untested as of yet, just throwing it out there as it seems kind of
weird to overwrite the arg pointer for what seems like no reason)...

Anthony



On Mon, Feb 27, 2012 at 10:22 AM, Richard Lynch c...@l-i-e.com wrote:
 On Mon, February 27, 2012 2:31 am, Laruence wrote:
 On Mon, Feb 27, 2012 at 4:00 PM, Dmitry Stogov dmi...@zend.com
 wrote:
 Hi Laruence,

 The attached patch looks weird. The patch on top of it (r323563)
 makes it
 better. However, in my opinion it fixes a common problem just in a
 single
 place. Each call to __toString() that makes side effects may cause
 the
 similar problem. It would be great to make a right fix in
 zend_std_cast_object_tostring() itself, but probably it would
 require API
 Hi:
    before this fix, I thought about the same idea of that.

    but,  you know,  such change will need all exts who implemented
 their own cast_object handler change their code too.

    for now,  I examined the usage of std_cast_object_tostring,  most of
 them do the similar things like this fix to avoid this issue (like
 ZEND_CAST handler).

    so I think,  maybe it's okay for a temporary fix :)

 Perhaps a better solution would be to make a NEW function that uses
 zval** and deprecate the old one with memory leaks.

 Old extensions remain functional, new extension consume less memory.

 (This presumes I actually understand the issue, which is questionable.)

 --
 brain cancer update:
 http://richardlynch.blogspot.com/search/label/brain%20tumor
 Donate:
 https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclickhosted_button_id=FS9NLTNEEKWBE



 --
 PHP Internals - PHP Runtime Development Mailing List
 To unsubscribe, visit: http://www.php.net/unsub.php





[PHP-CVS] Re: [PHP-DEV] Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/Zend/zend_API.c trunk/NEWS trunk/Zend/zend_API.c

2012-02-27 Thread Anthony Ferrara
I initially looked at the final fix when I discovered the issue.
Follow me out on this.  This is the current code as-implemented in
r323563:

    zval *obj;
    MAKE_STD_ZVAL(obj);
    if (Z_OBJ_HANDLER_P(*arg, cast_object)(*arg, obj, type TSRMLS_CC) == SUCCESS) {
        zval_ptr_dtor(arg);
        *arg = obj;
        *pl = Z_STRLEN_PP(arg);
        *p = Z_STRVAL_PP(arg);
        return SUCCESS;
    }
    efree(obj);

The issue that I originally identified (overwriting the argument
pointer) is still happening.  Is there any reason for overwriting the
arg pointer?  Wouldn't it be better to just do the Z_STRLEN_PP and
Z_STRVAL_PP operations on obj instead, and zval_ptr_dtor it as well
(instead of efree, as that way if a reference is stored somewhere it
won't result in a double free, or a segfault for accessing freed
memory)?

Thanks,

Anthony

On Mon, Feb 27, 2012 at 11:39 AM, Xinchen Hui larue...@gmail.com wrote:
 Sent from my iPad

 On 2012-2-28, 0:10, Anthony Ferrara ircmax...@gmail.com wrote:

 Out of curiosity, why are you changing it to copy the object for the
 result of the cast operation?  cast_object should init the result
 zval, so why go through the step of copying the starting object to
 plz look at the final fix: r323563

 thanks
 r323563
 Wouldn't it be easier just to do:

    if (Z_OBJ_HANDLER_PP(arg, cast_object)) {
        zval *result;
        ALLOC_ZVAL(result);
        if (Z_OBJ_HANDLER_P(*arg, cast_object)(*arg, result, type TSRMLS_CC)
 == SUCCESS) {
            zval_ptr_dtor(arg);
            *pl = Z_STRLEN_PP(result);
            *p = Z_STRVAL_PP(result);
            zval_ptr_dtor(result);
            return SUCCESS;
        }
        zval_ptr_dtor(result);
    }

 Keeping both completely separate, and not having the possibility of
 corrupting the arg object pointer?  As it is right now (with the patch
 in the first mail), wouldn't the possibility still exist of nuking the
 arg object pointer which could be used elsewhere (and hence cause the
 memory leak and segfault when that variable is referenced again)?

 (Untested as of yet, just throwing it out there as it seems kind of
 weird to overwrite the arg pointer for what seems like no reason)...

 Anthony



 On Mon, Feb 27, 2012 at 10:22 AM, Richard Lynch c...@l-i-e.com wrote:
 On Mon, February 27, 2012 2:31 am, Laruence wrote:
 On Mon, Feb 27, 2012 at 4:00 PM, Dmitry Stogov dmi...@zend.com
 wrote:
 Hi Laruence,

 The attached patch looks weird. The patch on top of it (r323563)
 makes it
 better. However, in my opinion it fixes a common problem just in a
 single
 place. Each call to __toString() that makes side effects may cause
 the
 similar problem. It would be great to make a right fix in
 zend_std_cast_object_tostring() itself, but probably it would
 require API
 Hi:
    before this fix, I thought about the same idea of that.

    but,  you know,  such change will need all exts who implemented
 their own cast_object handler change their code too.

    for now,  I examined the usage of std_cast_object_tostring,  most of
 them do the similar things like this fix to avoid this issue (like
 ZEND_CAST handler).

    so I think,  maybe it's okay for a temporary fix :)

 Perhaps a better solution would be to make a NEW function that uses
 zval** and deprecate the old one with memory leaks.

 Old extensions remain functional, new extension consume less memory.

 (This presumes I actually understand the issue, which is questionable.)

 --
 brain cancer update:
 http://richardlynch.blogspot.com/search/label/brain%20tumor
 Donate:
 https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclickhosted_button_id=FS9NLTNEEKWBE



 --
 PHP Internals - PHP Runtime Development Mailing List
 To unsubscribe, visit: http://www.php.net/unsub.php

