- Fixed #50052, Different Hashes on Windows and Linux on wrong Salt size

diff --git a/ext/standard/php_crypt_r.c b/ext/standard/php_crypt_r.c
index e0465fdb597da812872b4dad66e6c932e45a15aa..4307f4c9036a660c2998bbb035b80f321fce1752 100644 (file)
--- a/ext/standard/php_crypt_r.c
+++ b/ext/standard/php_crypt_r.c
@@ -208,6 +208,7 @@ char * php_md5_crypt_r(const char *pw, const char *salt, char *out) {
        if (strncpy_s(passwd + MD5_MAGIC_LEN, MD5_HASH_MAX_LEN - MD5_MAGIC_LEN, sp, sl + 1) != 0) {
                goto _destroyCtx1;
        }
+       passwd[MD5_MAGIC_LEN + sl] = '\0';
        strcat_s(passwd, MD5_HASH_MAX_LEN, "$");
 #else
        /* VC6 version doesn't have strcat_s or strncpy_s */

diff --git a/ext/standard/tests/strings/bug50052.phpt b/ext/standard/tests/strings/bug50052.phpt
new file mode 100644 (file)
index 0000000..96d8599
--- /dev/null
+++ b/ext/standard/tests/strings/bug50052.phpt
@@ -0,0 +1,12 @@
+--TEST--\r
+Bug #50052 (Different Hashes on Windows and Linux on wrong Salt size)\r
+--FILE--\r
+<?php\r
+$salt = '$1$f+uslYF01$';\r
+$password = 'test';\r
+echo $salt . "\n";\r
+echo crypt($password,$salt) . "\n";\r
+?>\r
+--EXPECT--\r
+$1$f+uslYF01$\r
+$1$f+uslYF0$orVloNmKSLvOeswusE0bY.\r