From: Pierre Joye <pajoye@php.net>
Date: Mon, 2 Nov 2009 20:46:52 +0000 (+0000)
Subject: - Fixed #50052, Different Hashes on Windows and Linux on wrong Salt size
X-Git-Tag: php-5.4.0alpha1~191^2~2441
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=03ccb71ddc8684e6a926c06e75d9689bd190d78e;p=php

- Fixed #50052, Different Hashes on Windows and Linux on wrong Salt size
---

diff --git a/ext/standard/php_crypt_r.c b/ext/standard/php_crypt_r.c
index dbc5dc3302..ce83b4d070 100644
--- a/ext/standard/php_crypt_r.c
+++ b/ext/standard/php_crypt_r.c
@@ -208,6 +208,7 @@ char * php_md5_crypt_r(const char *pw, const char *salt, char *out) {
  	if (strncpy_s(passwd + MD5_MAGIC_LEN, MD5_HASH_MAX_LEN - MD5_MAGIC_LEN, sp, sl + 1) != 0) {
  		goto _destroyCtx1;
  	}
+	passwd[MD5_MAGIC_LEN + sl] = '\0';
  	strcat_s(passwd, MD5_HASH_MAX_LEN, "$");
 #else
 	/* VC6 version doesn't have strcat_s or strncpy_s */
diff --git a/ext/standard/tests/strings/bug50052.phpt b/ext/standard/tests/strings/bug50052.phpt
new file mode 100644
index 0000000000..308505c17a
--- /dev/null
+++ b/ext/standard/tests/strings/bug50052.phpt
@@ -0,0 +1,12 @@
+--TEST--
+Bug #50052 (Different Hashes on Windows and Linux on wrong Salt size)
+--FILE--
+<?php
+$salt = b'$1$f+uslYF01$';
+$password = b'test';
+echo $salt . "\n";
+echo crypt($password,$salt) . "\n";
+?>
+--EXPECT--
+$1$f+uslYF01$
+$1$f+uslYF0$orVloNmKSLvOeswusE0bY.