Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0: Fixed bug #72703 Out of bounds global memory read in BF_crypt triggered by password_verify
commit
22a825db85
@ -158,6 +158,14 @@ PHPAPI zend_string *php_crypt(const char *password, const int pass_len, const ch
|
||||
salt[1] == '2' &&
|
||||
salt[3] == '$') {
|
||||
char output[PHP_MAX_SALT_LEN + 1];
|
||||
int k = 7;
|
||||
|
||||
while (isalnum(salt[k]) || '.' == salt[k] || '/' == salt[k]) {
|
||||
k++;
|
||||
}
|
||||
if (k != salt_len) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
memset(output, 0, PHP_MAX_SALT_LEN + 1);
|
||||
|
||||
|
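Review bot: The new scan `while (isalnum(salt[k]) || '.' == salt[k] || '/' == salt[k])` starts at `k = 7` and is bounded only by the character class, never by `salt_len`. Nothing visible in this hunk shows the salt is at least 7 bytes long, so a shorter `$2?$` salt could be read past its terminator; the earlier part of php_crypt is outside the hunk, so this may already be checked there. `salt[k]` is also a plain `char` passed to `isalnum()`, which is undefined for negative values on signed-char platforms. Bounding the loop and casting covers both, and the existing `k != salt_len` test then rejects too-short salts as well: `while (k < salt_len && (isalnum((unsigned char)salt[k]) || '.' == salt[k] || '/' == salt[k])) {`. A short comment above the loop, e.g. `/* everything after the "$2x$NN$" prefix must be in the bcrypt alphabet [./A-Za-z0-9] */`, would explain the magic 7.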
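--- a/ext/standard/tests/strings/bug72703.phpt
+++ b/ext/standard/tests/strings/bug72703.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Bug #72703 Out of bounds global memory read in BF_crypt triggered by password_verify
+--SKIPIF--
+<?php
+if (!function_exists('crypt'))) {
+die("SKIP crypt() is not available");
+}
+?>
+--FILE--
+<?php
+var_dump(password_verify("","$2y$10$$"));
+?>
+==OK==
+--EXPECT--
+bool(false)
+==OK==
+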
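Review bot: The SKIPIF section has an unbalanced parenthesis in `if (!function_exists('crypt'))) {`, so it is a parse error rather than a working skip check; it should read `if (!function_exists('crypt')) {`. The --FILE-- section exercises only the single malformed salt `"$2y$10$$"`. Since the C change now returns NULL for any salt that fails the new scan, a second `var_dump(password_verify(...))` against a known-good bcrypt hash, expecting `bool(true)`, would guard against the check rejecting valid hashes.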