Anthony Ferrara
6cc3c65fbf
Remove php.ini setting for default bcrypt cost
2012-07-03 07:33:55 -04:00
Anthony Ferrara
f53112fdcf
Update password.c to use safe_emalloc in sensitive places
2012-06-29 11:37:39 -04:00
Anthony Ferrara
9c1445c6bc
More refactoring of crypt into php_crypt, and fixing memory allocation
2012-06-29 11:32:25 -04:00
Anthony Ferrara
9e18e578f0
Merge remote branch 'upstream/master' into hash_password
...
Conflicts:
ext/standard/crypt.c
2012-06-29 10:29:58 -04:00
andrey
c51fbbe4b4
merge
2012-06-29 16:58:53 +03:00
andrey
2abf2738f4
Merge branch 'master' of ssh://git.php.net/php-src
2012-06-29 14:39:47 +03:00
Nikita Popov
0b96fb4af5
Merge branch 'PHP-5.4'
...
* PHP-5.4:
Fix some lengths in crypt()
2012-06-29 13:15:53 +02:00
Nikita Popov
d86b6ea35c
Merge branch 'PHP-5.3' into PHP-5.4
...
* PHP-5.3:
Fix some lengths in crypt()
Conflicts:
ext/standard/crypt.c
2012-06-29 13:15:35 +02:00
Nikita Popov
e6cf7d7745
Fix some lengths in crypt()
...
Use salt_len_in instead of strlen(salt) or PHP_MAX_SALT_LEN, otherwise too
much memory will be allocated.
sha512 has a 86 character checksum, not 43. That probably was a copy&paste
from the sha256 code which indeed has 43.
The allocation also was using sizeof(char *), thus allocating 4 or 8 times
as much memory as necessary. The sizeof(char *) was removed in the 5.4
branch in b7a92c9
but forgotten on 5.3.
The memset 0 call was using PHP_MAX_SALT_LEN which can be smaller than the
output buffer and thus not zeroing out everything. Use the size of the
output buffer (needed) instead.
2012-06-29 13:11:43 +02:00
andrey
267eba1805
Merge branch 'master' of ssh://git.php.net/php-src
2012-06-29 12:44:49 +03:00
andrey
0620ad2031
Merge branch 'PHP-5.4'
2012-06-29 12:43:41 +03:00
andrey
08f4b3c3ac
Merge branch 'PHP-5.3' into PHP-5.4
2012-06-29 12:43:14 +03:00
andrey
f826ea093f
new charsets
2012-06-29 12:42:54 +03:00
Anthony Ferrara
63318772ae
Merge branch 'PHP-5.4'
...
* PHP-5.4:
Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt)
2012-06-28 20:38:31 -04:00
Anthony Ferrara
34ab5650bc
Merge branch 'PHP-5.3' into PHP-5.4
...
* PHP-5.3:
Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt)
2012-06-28 20:36:21 -04:00
Anthony Ferrara
7e8276ca68
Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt)
...
Fixed a memory allocation bug in crypt() SHA256/512 that can
cause segmentation faults when passed in salts with a null byte
early.
2012-06-28 20:00:03 -04:00
Nikita Popov
cd7ab5cd11
Merge branch 'PHP-5.4'
...
* PHP-5.4:
Add json_last_error_msg() function
2012-06-29 00:22:45 +02:00
Anthony Ferrara
da3d8bf514
Refactor password.c a bit, add different error checking
2012-06-28 15:29:40 -04:00
Anthony Ferrara
6bb3865a23
Refactor crypt to use an external working function
2012-06-28 14:44:04 -04:00
Nikita Popov
405ebfcd18
Merge branch 'PHP-5.3' into PHP-5.4
...
* PHP-5.3:
Add json_last_error_msg() function
2012-06-28 20:18:19 +02:00
Nikita Popov
974324676b
Add json_last_error_msg() function
...
This replaces json_last_error(true) and is consistent with other custom
error handling functions.
2012-06-28 20:11:27 +02:00
Johannes Schlüter
b025b9d0cf
Fix #62432 ReflectionMethod random corrupt memory on high concurrent
...
This fixes the same issue in multiple extensions. This isn't needed
in later branches as 5.4 introduced object_properties_init()
2012-06-27 23:26:33 +02:00
Anthony Ferrara
0dd2f16b14
Fix formatting issues in password.c
2012-06-27 11:04:41 -04:00
andrey
46879ee4c2
Merge branch 'master' of http://git.php.net/repository/php-src
2012-06-27 16:51:35 +03:00
andrey
6e648e9340
trace allocations in a file
2012-06-27 16:51:07 +03:00
Felipe Pena
8d264dba93
- Fixed build
2012-06-27 09:01:02 -03:00
Nikita Popov
31dbd46641
Merge branch 'PHP-5.4'
...
* PHP-5.4:
Improve JSON error handling
Conflicts:
main/php_version.h
2012-06-27 12:32:20 +02:00
Nikita Popov
d372b33c9b
Merge branch 'PHP-5.3' into PHP-5.4
...
* PHP-5.3:
Improve JSON error handling
Conflicts:
ext/json/tests/bug54058.phpt
ext/json/tests/bug61537.phpt
2012-06-27 12:28:55 +02:00
Nikita Popov
4662151ea7
Improve JSON error handling
...
json_encode() no longer throws warnings. Instead only the error code for
json_last_error() is set.
As it is hard to debug the error from just an error code an optional
$as_string parameter was added to json_last_error(), which returns an
error message instead of an error code.
2012-06-27 12:21:48 +02:00
Anthony Ferrara
5f44be03af
Add tests and error checking for large salt requested values to prevent overflow on allocation
2012-06-26 23:09:08 -04:00
Anthony Ferrara
2b9591f11f
Update tests to check ini setting
2012-06-26 22:13:51 -04:00
Anthony Ferrara
e505316aeb
Add tests for password hashing
2012-06-26 22:05:25 -04:00
Anthony Ferrara
232da90388
Implement php.ini setting password.bcrypt_cost
2012-06-26 21:15:56 -04:00
Johannes Schlüter
02d8e8959b
Merge branch 'master' of git.php.net:/php-src
...
* 'master' of git.php.net:/php-src: (22 commits)
Fix bug #62373 (serialize() generates wrong reference to the object)
Update UPGRADING given 7596445
Fix typo in error message
BreakIterator: fix compat with old ICU versions
Fix build error one ext/intl
Duplicate test for ICU 49
Fix undeclared intl_locale_get_default()
Fix memory allocation checks for base64 encode
Improve json_encode error handling
- BFN
- BFN
- Improved fix for #62384
BreakIterator::getPartsIterator: new optional arg
Added IntlCodePointBreakIterator.
Add Intl prefix to BreakIterator/RuleBasedBI
Remove trailing space
Replaced zend_parse_method_params with plain zpp
BreakIter: Removed getAvailableLocales/getHashCode
Change in BreakIterator::getPartsIterator()
BreakIterator: add rules status constants
...
2012-06-26 12:34:36 +02:00
Johannes Schlüter
d6e421f6a6
Pass orig filename and line through to emalloc and friends
2012-06-26 12:33:36 +02:00
Anthony Ferrara
2d4b7cb653
Refactor salt generation, rename password_create to password_hash
2012-06-25 21:22:16 -04:00
Anthony Ferrara
41d7374ea4
Implement openssl support for make_salt
2012-06-25 11:37:48 -04:00
Anthony Ferrara
618f262956
More error checking, and some cleaning up for password.c
2012-06-25 08:50:39 -04:00
Anthony Ferrara
18d3bd9481
Basic random generator added to make_salt
2012-06-25 08:15:17 -04:00
Moriyoshi Koizumi
88cf472b92
Merge branch 'PHP-5.4'
...
* PHP-5.4:
Fix bug #62373 (serialize() generates wrong reference to the object)
2012-06-25 19:16:40 +09:00
Moriyoshi Koizumi
91e1df704e
Fix bug #62373 (serialize() generates wrong reference to the object)
2012-06-25 19:14:19 +09:00
Moriyoshi Koizumi
e427182279
Fix bug #62373 (serialize() generates wrong reference to the object)
2012-06-25 19:13:23 +09:00
Gustavo André dos Santos Lopes
75964450ed
Merge branch 'break_iterator'
...
* break_iterator:
Fix typo in error message
BreakIterator: fix compat with old ICU versions
Fix build error one ext/intl
BreakIterator::getPartsIterator: new optional arg
Added IntlCodePointBreakIterator.
Add Intl prefix to BreakIterator/RuleBasedBI
Remove trailing space
Replaced zend_parse_method_params with plain zpp
BreakIter: Removed getAvailableLocales/getHashCode
Change in BreakIterator::getPartsIterator()
BreakIterator: add rules status constants
Tests for (RuleBased)BreakIterator.
BreakIterator and RuleBasedBreakiterator added
2012-06-25 12:11:49 +02:00
Gustavo André dos Santos Lopes
0df73a85e1
Fix typo in error message
2012-06-25 12:06:31 +02:00
Gustavo André dos Santos Lopes
d8b067e66f
BreakIterator: fix compat with old ICU versions
2012-06-25 12:05:13 +02:00
Gustavo André dos Santos Lopes
5a9dca458a
Fix build error one ext/intl
2012-06-25 11:53:20 +02:00
Gustavo André dos Santos Lopes
715e59ad82
Duplicate test for ICU 49
...
The output in ICU < 49 actually seems wrong here; ICU 49 seems to
fix the data.
2012-06-25 11:13:23 +02:00
Gustavo André dos Santos Lopes
9c5074a484
Fix undeclared intl_locale_get_default()
...
This was causing segfaults at least in the resourcebundle
constructor.
Also moved intl_locale_get_default() to a more central location
and fixed a constness warning in resourcebundle_ctor().
2012-06-25 10:59:58 +02:00
Anthony Ferrara
f7097d99ff
Fix memory leak on branch
2012-06-24 23:36:09 -04:00
Anthony Ferrara
657402832b
Implement password_verify
2012-06-24 23:35:26 -04:00