From: Pierre Joye Date: Tue, 24 May 2011 13:48:04 +0000 (+0000) Subject: - Fix #54721, different Hashes on Windows, BSD and Linux on wrong Salt size X-Git-Tag: php-5.3.7RC1~82 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e38369c53240a77e03e1f7f9d5ab9b660b478a41;p=php - Fix #54721, different Hashes on Windows, BSD and Linux on wrong Salt size --- diff --git a/NEWS b/NEWS index d9129fb2fe..5ab2c4a844 100644 --- a/NEWS +++ b/NEWS @@ -37,8 +37,10 @@ PHP NEWS (tomas dot brastavicius at quantum dot lt, Pierrick) . Fixed bug #48465 (sys_get_temp_dir() possibly inconsistent when using TMPDIR on Windows). (Pierre) - . Fixed bug 54866 (incorrect accounting for realpath_cache_size) (Dustin Ward) - + . Fixed bug #54866 (incorrect accounting for realpath_cache_size) (Dustin Ward) + . Fixed bug #54721 (Different Hashes on Windows, BSD and Linux on wrong Salt size) + (Pierre, os at irj dot ru) + - Apache2 Handler SAPI: . Fixed bug #54529 (SAPI crashes on apache_config.c:197). (hebergement at riastudio dot fr) diff --git a/ext/standard/php_crypt_r.c b/ext/standard/php_crypt_r.c index d263269537..d5c86a8eca 100644 --- a/ext/standard/php_crypt_r.c +++ b/ext/standard/php_crypt_r.c @@ -197,7 +197,7 @@ char * php_md5_crypt_r(const char *pw, const char *salt, char *out) { goto _destroyCtx1; } - dwHashLen = pwl + sl + pwl; + dwHashLen = 16; CryptGetHashParam(ctx1, HP_HASHVAL, final, &dwHashLen, 0); /* MD5(pw,salt,pw). Valid. */ diff --git a/ext/standard/tests/strings/bug54721.phpt b/ext/standard/tests/strings/bug54721.phpt new file mode 100644 index 0000000000..3851df1542 --- /dev/null +++ b/ext/standard/tests/strings/bug54721.phpt @@ -0,0 +1,20 @@ +--TEST-- +Bug #54721 (Different Hashes on Windows, BSD and Linux on wrong Salt size) +--FILE-- + +--EXPECT-- +$1$dW0.is5.$I0iqTYHPzkP4YnRgnXxZW0 +$1$dW0.is5.$KaspRpPQ9U7Xb5Vv5c.WE/ +$1$dW0.is5.$X9G1x/Ep8zYQSrU4/lKUg. +$1$dW0.is5.$wE5Rz/HxPtDMfqil6kK980 +$1$dW0.is5.$2E4/ZDY1vr73HqLl1bLs9. +$1$dW0.is5.$lvGhphTQwqgKxWhWwYERr1 +$1$dW0.is5.$XzsWcLSBj2BvhOKH0xdpZ0