From 4b5e824aae7117d53f4f1be1351d3eaa79329a40 Mon Sep 17 00:00:00 2001 From: Nikita Popov Date: Wed, 19 Jun 2019 13:48:20 +0200 Subject: [PATCH] Use unsigned char in _crypt_extended_r Avoid signed shift UB. --- ext/standard/crypt.c | 2 +- ext/standard/crypt_freesec.c | 2 +- ext/standard/crypt_freesec.h | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c index 068d743d1a..d0b1e6a5a7 100644 --- a/ext/standard/crypt.c +++ b/ext/standard/crypt.c @@ -179,7 +179,7 @@ PHPAPI zend_string *php_crypt(const char *password, const int pass_len, const ch memset(&buffer, 0, sizeof(buffer)); _crypt_extended_init_r(); - crypt_res = _crypt_extended_r(password, salt, &buffer); + crypt_res = _crypt_extended_r((const unsigned char *) password, salt, &buffer); if (!crypt_res || (salt[0] == '*' && salt[1] == '0')) { return NULL; } else { diff --git a/ext/standard/crypt_freesec.c b/ext/standard/crypt_freesec.c index dc51b30150..572e5127b1 100644 --- a/ext/standard/crypt_freesec.c +++ b/ext/standard/crypt_freesec.c @@ -607,7 +607,7 @@ des_cipher(const char *in, char *out, uint32_t salt, int count, } char * -_crypt_extended_r(const char *key, const char *setting, +_crypt_extended_r(const unsigned char *key, const char *setting, struct php_crypt_extended_data *data) { int i; diff --git a/ext/standard/crypt_freesec.h b/ext/standard/crypt_freesec.h index c102736783..69271f23a7 100644 --- a/ext/standard/crypt_freesec.h +++ b/ext/standard/crypt_freesec.h @@ -28,7 +28,7 @@ struct php_crypt_extended_data { void _crypt_extended_init(void); -char *_crypt_extended_r(const char *key, const char *setting, +char *_crypt_extended_r(const unsigned char *key, const char *setting, struct php_crypt_extended_data *data); #endif -- 2.40.0