Commit: 9c1445c6bcee99dbe1eeb9eb8eb6cd626ca72a9c Author: Anthony Ferrara <ircmax...@gmail.com> Fri, 29 Jun 2012 11:32:25 -0400 Parents: 9e18e578f0e7f30c2d73ae38620b5fd228ac21eb Branches: master
Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=9c1445c6bcee99dbe1eeb9eb8eb6cd626ca72a9c Log: More refactoring of crypt into php_crypt, and fixing memory allocation Changed paths: M ext/standard/crypt.c M ext/standard/password.c M ext/standard/php_crypt.h Diff: diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c index 25f5ec0..3b443fc 100644 --- a/ext/standard/crypt.c +++ b/ext/standard/crypt.c @@ -145,7 +145,7 @@ static void php_to64(char *s, long v, int n) /* {{{ */ } /* }}} */ -PHPAPI int crypt_execute(const char *password, const int pass_len, const char *salt, int salt_len, char **result) +PHPAPI int php_crypt(const char *password, const int pass_len, const char *salt, int salt_len, char **result) { char *crypt_res; /* Windows (win32/crypt) has a stripped down version of libxcrypt and @@ -159,46 +159,38 @@ PHPAPI int crypt_execute(const char *password, const int pass_len, const char *s out = php_md5_crypt_r(password, salt, output); if (out) { - *result = (char *) emalloc(MD5_HASH_MAX_LEN + 1); - memcpy(*result, out, MD5_HASH_MAX_LEN); - *result[MD5_HASH_MAX_LEN] = 0; + *result = estrdup(out); return SUCCESS; } return FAILURE; } else if (salt[0]=='$' && salt[1]=='6' && salt[2]=='$') { - const char sha512_salt_prefix[] = "$6$"; - const char sha512_rounds_prefix[] = "rounds="; char *output; - int needed = (sizeof(sha512_salt_prefix) - 1 - + sizeof(sha512_rounds_prefix) + 9 + 1 - + salt_in_len + 1 + 86 + 1); - output = emalloc(needed); + output = emalloc(PHP_MAX_SALT_LEN); - crypt_res = php_sha512_crypt_r(password, salt, output, needed); + crypt_res = php_sha512_crypt_r(password, salt, output, PHP_MAX_SALT_LEN); if (!crypt_res) { - memset(output, 0, needed); + memset(output, 0, PHP_MAX_SALT_LEN); efree(output); return FAILURE; } else { - *result = output; + *result = estrdup(output); + memset(output, 0, PHP_MAX_SALT_LEN); + efree(output); return SUCCESS; } } else if (salt[0]=='$' && salt[1]=='5' && salt[2]=='$') { - const char sha256_salt_prefix[] = "$5$"; - const char sha256_rounds_prefix[] = "rounds="; char *output; - int needed = (sizeof(sha256_salt_prefix) - 1 - + sizeof(sha256_rounds_prefix) + 9 + 1 - + salt_in_len + 1 + 43 + 1); - output = emalloc(needed); + output = emalloc(PHP_MAX_SALT_LEN); - crypt_res = php_sha256_crypt_r(password, salt, output, needed); + crypt_res = php_sha256_crypt_r(password, salt, output, PHP_MAX_SALT_LEN); if (!crypt_res) { - memset(output, 0, needed); + memset(output, 0, PHP_MAX_SALT_LEN); efree(output); return FAILURE; } else { - *result = output; + *result = estrdup(output); + memset(output, 0, PHP_MAX_SALT_LEN); + efree(output); return SUCCESS; } } else if ( @@ -218,11 +210,7 @@ PHPAPI int crypt_execute(const char *password, const int pass_len, const char *s memset(output, 0, PHP_MAX_SALT_LEN + 1); return FAILURE; } else { - int result_len; - result_len = strlen(output); - *result = emalloc(result_len + 1); - memcpy(*result, output, result_len); - (*result)[result_len] = 0; + *result = estrdup(output); memset(output, 0, PHP_MAX_SALT_LEN + 1); return SUCCESS; } @@ -234,11 +222,7 @@ PHPAPI int crypt_execute(const char *password, const int pass_len, const char *s if (!crypt_res) { return FAILURE; } else { - int result_len; - result_len = strlen(crypt_res); - *result = emalloc(result_len + 1); - memcpy(*result, crypt_res, result_len); - (*result)[result_len] = 0; + *result = estrdup(crypt_res); return SUCCESS; } } @@ -259,11 +243,7 @@ PHPAPI int crypt_execute(const char *password, const int pass_len, const char *s if (!crypt_res) { return FAILURE; } else { - int result_len; - result_len = strlen(crypt_res); - *result = emalloc(result_len + 1); - memcpy(*result, crypt_res, result_len); - (*result)[result_len] = '\0'; + *result = estrdup(crypt_res); return SUCCESS; } } @@ -311,15 +291,14 @@ PHP_FUNCTION(crypt) } salt[salt_in_len] = '\0'; - if (crypt_execute(str, str_len, salt, salt_in_len, &result) == FAILURE) { + if (php_crypt(str, str_len, salt, salt_in_len, &result) == FAILURE) { if (salt[0] == '*' && salt[1] == '0') { RETURN_STRING("*1", 1); } else { RETURN_STRING("*0", 1); } } - RETVAL_STRING(result, 1); - efree(result); + RETURN_STRING(result, 0); } /* }}} */ #endif diff --git a/ext/standard/password.c b/ext/standard/password.c index dfe624d..982ae7d 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -166,7 +166,7 @@ PHP_FUNCTION(password_verify) if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &password, &password_len, &hash, &hash_len) == FAILURE) { RETURN_FALSE; } - if (crypt_execute(password, password_len, hash, hash_len, &ret) == FAILURE) { + if (php_crypt(password, password_len, hash, hash_len, &ret) == FAILURE) { RETURN_FALSE; } @@ -323,7 +323,7 @@ PHP_FUNCTION(password_hash) efree(hash_format); efree(salt); - if (crypt_execute(password, password_len, hash, hash_format_len + salt_len, &result) == FAILURE) { + if (php_crypt(password, password_len, hash, hash_format_len + salt_len, &result) == FAILURE) { efree(hash); RETURN_FALSE; } @@ -335,8 +335,7 @@ PHP_FUNCTION(password_hash) RETURN_FALSE; } - RETVAL_STRING(result, 1); - efree(result); + RETURN_STRING(result, 0); } /* }}} */ diff --git a/ext/standard/php_crypt.h b/ext/standard/php_crypt.h index 1dffb0b..7410a8c 100644 --- a/ext/standard/php_crypt.h +++ b/ext/standard/php_crypt.h @@ -23,7 +23,7 @@ #ifndef PHP_CRYPT_H #define PHP_CRYPT_H -PHPAPI int crypt_execute(const char *password, const int pass_len, const char *salt, int salt_len, char **result); +PHPAPI int php_crypt(const char *password, const int pass_len, const char *salt, int salt_len, char **result); PHP_FUNCTION(crypt); #if HAVE_CRYPT PHP_MINIT_FUNCTION(crypt); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php