From 416f8fce5cebb7d5859c28aede2d1b3d793acec2 Mon Sep 17 00:00:00 2001 From: Yasuo Ohgaki Date: Tue, 29 Oct 2013 18:53:45 +0900 Subject: [PATCH] Implemented Change crypt() behavior w/o salt RFC --- NEWS | 2 ++ ext/standard/crypt.c | 2 ++ ext/standard/tests/strings/crypt.phpt | 2 ++ 3 files changed, 6 insertions(+) diff --git a/NEWS b/NEWS index 0c45a23469..ed8bcc93b1 100644 --- a/NEWS +++ b/NEWS @@ -63,6 +63,8 @@ PHP NEWS - Standard: . Implemented FR #65634 (HTTP wrapper is very slow with protocol_version 1.1). (Adam) + . Implemented Change crypt() behavior w/o salt RFC. (Yasuo) + https://wiki.php.net/rfc/crypt_function_salt - XMLReader: . Fixed bug #55285 (XMLReader::getAttribute/No/Ns methods inconsistency). diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c index 113a5bd0f5..81c0bf3e0c 100644 --- a/ext/standard/crypt.c +++ b/ext/standard/crypt.c @@ -272,6 +272,8 @@ PHP_FUNCTION(crypt) if (salt_in) { memcpy(salt, salt_in, MIN(PHP_MAX_SALT_LEN, salt_in_len)); + } else { + php_error_docref(NULL TSRMLS_C, E_NOTICE, "No salt parameter was specified. You must use a randomly generated salt and a strong hash function to produce a secure hash."); } /* The automatic salt generation covers standard DES, md5-crypt and Blowfish (simple) */ diff --git a/ext/standard/tests/strings/crypt.phpt b/ext/standard/tests/strings/crypt.phpt index ce178f684e..3dcff2eaf2 100644 --- a/ext/standard/tests/strings/crypt.phpt +++ b/ext/standard/tests/strings/crypt.phpt @@ -34,6 +34,8 @@ STD EXT MD5 BLO + +Notice: crypt(): No salt parameter was specified. You must use a randomly generated salt and a strong hash function to produce a secure hash. in %s on line %d string(%d) "%s" Warning: crypt() expects at least 1 parameter, 0 given in %s on line %d -- 2.40.0