Fix #64745 hash_pbkdf2 truncation issue

When using hash_pbkdf2 with hex output and 0 length (auto), it incorrectly
truncates the result to 1/2 the expected result.

diff --git a/NEWS b/NEWS
index b9a22261c9784f108596a20f4883afed84268b1e..d2d8aae30a3b3758511e6e8e599c4952029384bf 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,10 @@ PHP                                                                        NEWS
 -FPM:
   . Fixed Bug #64915 (error_log ignored when daemonize=0). (Remi)
 
+- Hash:
+  . Fixed Bug #64745 (hash_pbkdf2() truncates data when using default length
+    and hex output). (Anthony Ferrara)
+
 23 May 2013, PHP 5.5.0 Release Candidate 2
 
 - Core:

diff --git a/ext/hash/hash.c b/ext/hash/hash.c
index 9492387dbb7148135deb9a70f8a1a580fb41ed0c..9cede1412525cf97125aeb0c6424a685d6792ea0 100644 (file)
--- a/ext/hash/hash.c
+++ b/ext/hash/hash.c
@@ -659,6 +659,9 @@ PHP_FUNCTION(hash_pbkdf2)
        /* Setup Main Loop to build a long enough result */
        if (length == 0) {
                length = ops->digest_size;
+               if (!raw_output) {
+                       length = length * 2;
+               }
        }
        digest_length = length;
        if (!raw_output) {

diff --git a/ext/hash/tests/bug64745.phpt b/ext/hash/tests/bug64745.phpt
new file mode 100644 (file)
index 0000000..427f89b
--- /dev/null
+++ b/ext/hash/tests/bug64745.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Bug #64745 hash_pbkdf2() truncates data when using default length and hex output
+--SKIPIF--
+<?php extension_loaded('hash') or die('skip'); ?>
+--FILE--
+<?php
+$hash = hash_pbkdf2('sha1', 'password', 'salt', 1, 0);
+$rawHash = hash_pbkdf2('sha1', 'password', 'salt', 1, 0, true);
+
+var_dump($hash);
+var_dump(bin2hex($rawHash));
+
+?>
+--EXPECT--
+string(40) "0c60c80f961f0e71f3a9b524af6012062fe037a6"
+string(40) "0c60c80f961f0e71f3a9b524af6012062fe037a6"
+