]> granicus.if.org Git - php/commitdiff
projects / php / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3fa5064)
zero sensitive data more secure way
authorAnatol Belski <ab@php.net>
Thu, 18 Sep 2014 20:02:04 +0000 (22:02 +0200)
committerAnatol Belski <ab@php.net>
Thu, 18 Sep 2014 22:06:34 +0000 (00:06 +0200)
ext/standard/crypt.c patch | blob | history

diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c
index 1a9acf5bd68e406b7f756c7b069964ec81513850..b2524a0767156699edc12afdf7ab56eb2ed8854a 100644 (file)
--- a/ext/standard/crypt.c
+++ b/ext/standard/crypt.c
@@ -211,7 +211,11 @@ PHPAPI zend_string *php_crypt(const char *password, const int pass_len, const ch
                                return NULL;
                        } else {
                                result = zend_string_init(output, strlen(output), 0);
+#ifdef PHP_WIN32
+                               RtlSecureZeroMemory(output, PHP_MAX_SALT_LEN + 1);
+#else
                                memset(output, 0, PHP_MAX_SALT_LEN + 1);
+#endif
                                return result;
                        }
                } else {
Unnamed repository; edit this file 'description' to name the repository.