clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-22 02:17:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

sodium ext: check hash length for scrypt

Browse Source
This commit is contained in:
Frank Denis 2017-07-30 15:00:03 +02:00
parent 3f45262aa9
commit 74d7f1d04e
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ext/sodium/libsodium.c
View File

@ -1670,7 +1670,7 @@ PHP_FUNCTION(sodium_crypto_pwhash_scryptsalsa208sha256)
&passwd, &passwd_len,
&salt, &salt_len,
&opslimit, &memlimit) == FAILURE ||
hash_len <= 0 || hash_len >= SIZE_MAX ||
hash_len <= 0 || hash_len >= SIZE_MAX || hash_len > 0x1fffffffe0ULL ||
opslimit <= 0 || memlimit <= 0 || memlimit > SIZE_MAX) {
zend_throw_exception(sodium_exception_ce, "invalid parameters", 0);
return;