From: Anthony Ferrara Date: Wed, 21 Aug 2013 16:10:40 +0000 (-0400) Subject: Fix return types of password API helper functions. X-Git-Tag: php-5.5.4RC1~29 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=83e3466898abcde99d0bd0b3dadc43b416e5cde6;p=php Fix return types of password API helper functions. This fixes issues that were found during static analysis by cjones where failure was impossible to detect due to return type mangling (casting an int to a char, then comparing to an int). --- diff --git a/NEWS b/NEWS index 1902520239..75a0b3c6b9 100644 --- a/NEWS +++ b/NEWS @@ -21,6 +21,10 @@ PHP NEWS . Fixed bug #51127/#65359 Request #25630/#43980/#54383 (Added php_serialize session serialize handler that uses plain serialize()). (Yasuo) +- Standard: + . Fix issue with return types of password API helper functions. Found via static + analysis by cjones. (Anthony Ferrara) + 22 Aug 2013, PHP 5.5.3 - Openssl: diff --git a/ext/standard/password.c b/ext/standard/password.c index 212799100c..ca852038a6 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -66,20 +66,20 @@ static php_password_algo php_password_determine_algo(const char *hash, const siz return PHP_PASSWORD_UNKNOWN; } -static zend_bool php_password_salt_is_alphabet(const char *str, const size_t len) /* {{{ */ +static int php_password_salt_is_alphabet(const char *str, const size_t len) /* {{{ */ { size_t i = 0; for (i = 0; i < len; i++) { if (!((str[i] >= 'A' && str[i] <= 'Z') || (str[i] >= 'a' && str[i] <= 'z') || (str[i] >= '0' && str[i] <= '9') || str[i] == '.' || str[i] == '/')) { - return 0; + return FAILURE; } } - return 1; + return SUCCESS; } /* }}} */ -static zend_bool php_password_salt_to64(const char *str, const size_t str_len, const size_t out_len, char *ret) /* {{{ */ +static int php_password_salt_to64(const char *str, const size_t str_len, const size_t out_len, char *ret) /* {{{ */ { size_t pos = 0; size_t ret_len = 0; 
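Review bot: `php_password_salt_is_alphabet` keeps its predicate-style name but now returns `SUCCESS` (0) for a valid salt and `FAILURE` for an invalid one, so a later caller writing `if (php_password_salt_is_alphabet(...))` would read a valid salt as invalid and the reverse. Nothing at the definition states that contract; I would add `/* Returns SUCCESS if every byte of str is in [A-Za-z0-9./], FAILURE otherwise. Not a boolean: compare against SUCCESS. */` above it. The same one-line return contract is worth putting on `php_password_salt_to64` here and on `php_password_make_salt` in the next hunk, because the bug being fixed came from the declared type and the caller's comparison disagreeing. The body of `php_password_salt_to64` continues outside this hunk.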
@@ -108,7 +108,7 @@ static zend_bool php_password_salt_to64(const char *str, const size_t str_len, c } /* }}} */ -static zend_bool php_password_make_salt(size_t length, char *ret TSRMLS_DC) /* {{{ */ +static int php_password_make_salt(size_t length, char *ret TSRMLS_DC) /* {{{ */ { int buffer_valid = 0; size_t i, raw_length; @@ -395,7 +395,7 @@ PHP_FUNCTION(password_hash) efree(buffer); php_error_docref(NULL TSRMLS_CC, E_WARNING, "Provided salt is too short: %lu expecting %lu", (unsigned long) buffer_len, (unsigned long) required_salt_len); RETURN_NULL(); - } else if (0 == php_password_salt_is_alphabet(buffer, buffer_len)) { + } else if (php_password_salt_is_alphabet(buffer, buffer_len) == FAILURE) { salt = safe_emalloc(required_salt_len, 1, 1); if (php_password_salt_to64(buffer, buffer_len, required_salt_len, salt) == FAILURE) { efree(hash_format);
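Review bot: The rewritten test `php_password_salt_is_alphabet(buffer, buffer_len) == FAILURE` fails open: the user-supplied salt is re-encoded only when the helper returns exactly `FAILURE`, and any other non-`SUCCESS` value would skip the conversion. I would write `} else if (php_password_salt_is_alphabet(buffer, buffer_len) != SUCCESS) {` and use the same form for the `php_password_salt_to64(...) == FAILURE` check two lines below, which is unchanged context. Behaviour is identical with the helpers as they stand in this commit, and a `!= SUCCESS` test would also have caught the truncated return value this commit fixes, since a failure code squeezed into `zend_bool` is still nonzero. `PHP_FUNCTION(password_hash)` starts and ends outside the hunk, so what the skipped-conversion branch does with `buffer` is not visible here.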