/[smeserver]/rpms/php/sme8/php-5.3.3-CVE-2011-2483.patch
ViewVC logotype

Contents of /rpms/php/sme8/php-5.3.3-CVE-2011-2483.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1.2.1 - (show annotations) (download)
Thu Nov 3 22:49:53 2011 UTC (13 years ago) by slords
Branch: redhat-upstream
CVS Tags: php-5_3_3-1_el5_7_3, php-5_3_3-13_el5_9_1, php-5_3_3-1_el5_7_6, php-5_3_3-13_el6
Changes since 1.1: +584 -0 lines
Upstream renamed

1
2 https://bugzilla.redhat.com/show_bug.cgi?id=715025
3
4 http://svn.php.net/viewvc?view=revision&revision=313406
5 http://svn.php.net/viewvc?view=revision&revision=313999
6
7 --- php-5.3.3/ext/standard/crypt_blowfish.c.cve2483
8 +++ php-5.3.3/ext/standard/crypt_blowfish.c
9 @@ -1,28 +1,39 @@
10 +/* $Id$ */
11 /*
12 - $Id: crypt_blowfish.c 295339 2010-02-21 23:47:14Z pajoye $
13 -*/
14 -/*
15 + * The crypt_blowfish homepage is:
16 + *
17 + * http://www.openwall.com/crypt/
18 + *
19 * This code comes from John the Ripper password cracker, with reentrant
20 * and crypt(3) interfaces added, but optimizations specific to password
21 * cracking removed.
22 *
23 - * Written by Solar Designer <solar at openwall.com> in 1998-2002 and
24 - * placed in the public domain.
25 + * Written by Solar Designer <solar at openwall.com> in 1998-2011.
26 + * No copyright is claimed, and the software is hereby placed in the public
27 + * domain. In case this attempt to disclaim copyright and place the software
28 + * in the public domain is deemed null and void, then the software is
29 + * Copyright (c) 1998-2011 Solar Designer and it is hereby released to the
30 + * general public under the following terms:
31 *
32 - * There's absolutely no warranty.
33 + * Redistribution and use in source and binary forms, with or without
34 + * modification, are permitted.
35 + *
36 + * There's ABSOLUTELY NO WARRANTY, express or implied.
37 *
38 * It is my intent that you should be able to use this on your system,
39 - * as a part of a software package, or anywhere else to improve security,
40 + * as part of a software package, or anywhere else to improve security,
41 * ensure compatibility, or for any other purpose. I would appreciate
42 * it if you give credit where it is due and keep your modifications in
43 * the public domain as well, but I don't require that in order to let
44 * you place this code and any modifications you make under a license
45 * of your choice.
46 *
47 - * This implementation is compatible with OpenBSD bcrypt.c (version 2a)
48 - * by Niels Provos <provos at citi.umich.edu>, and uses some of his
49 + * This implementation is mostly compatible with OpenBSD's bcrypt.c (prefix
50 + * "$2a$") by Niels Provos <provos at citi.umich.edu>, and uses some of his
51 * ideas. The password hashing algorithm was designed by David Mazieres
52 - * <dm at lcs.mit.edu>.
53 + * <dm at lcs.mit.edu>. For more information on the level of compatibility,
54 + * please refer to the comments in BF_set_key() below and to the crypt(3)
55 + * man page included in the crypt_blowfish tarball.
56 *
57 * There's a paper on the algorithm that explains its design decisions:
58 *
59 @@ -40,16 +51,8 @@
60 #define __set_errno(val) errno = (val)
61 #endif
62
63 -
64 -#ifndef __const
65 -#ifdef __GNUC__
66 -#define __CONST __const
67 -#else
68 -#define __CONST
69 -#endif
70 -#else
71 -#define __CONST __const
72 -#endif
73 +/* Just to make sure the prototypes match the actual definitions */
74 +#include "crypt_blowfish.h"
75
76 #ifdef __i386__
77 #define BF_ASM 0
78 @@ -63,6 +66,7 @@
79 #endif
80
81 typedef unsigned int BF_word;
82 +typedef signed int BF_word_signed;
83
84 /* Number of Blowfish rounds, this is also hardcoded into a few places */
85 #define BF_N 16
86 @@ -370,35 +374,21 @@ static unsigned char BF_atoi64[0x60] = {
87 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 64, 64, 64, 64, 64
88 };
89
90 -/*
91 - * This may be optimized out if built with function inlining and no BF_ASM.
92 - */
93 -static void clean(void *data, int size)
94 -{
95 -#if BF_ASM
96 - extern void _BF_clean(void *data);
97 -#endif
98 - memset(data, 0, size);
99 -#if BF_ASM
100 - _BF_clean(data);
101 -#endif
102 -}
103 -
104 #define BF_safe_atoi64(dst, src) \
105 { \
106 tmp = (unsigned char)(src); \
107 - if (tmp == '$') break; \
108 + if (tmp == '$') break; /* PHP hack */ \
109 if ((unsigned int)(tmp -= 0x20) >= 0x60) return -1; \
110 tmp = BF_atoi64[tmp]; \
111 if (tmp > 63) return -1; \
112 (dst) = tmp; \
113 }
114
115 -static int BF_decode(BF_word *dst, __CONST char *src, int size)
116 +static int BF_decode(BF_word *dst, const char *src, int size)
117 {
118 unsigned char *dptr = (unsigned char *)dst;
119 unsigned char *end = dptr + size;
120 - unsigned char *sptr = (unsigned char *)src;
121 + const unsigned char *sptr = (const unsigned char *)src;
122 unsigned int tmp, c1, c2, c3, c4;
123
124 do {
125 @@ -415,16 +405,16 @@ static int BF_decode(BF_word *dst, __CON
126 *dptr++ = ((c3 & 0x03) << 6) | c4;
127 } while (dptr < end);
128
129 - while (dptr < end)
130 + while (dptr < end) /* PHP hack */
131 *dptr++ = 0;
132
133 return 0;
134 }
135
136 -static void BF_encode(char *dst, __CONST BF_word *src, int size)
137 +static void BF_encode(char *dst, const BF_word *src, int size)
138 {
139 - unsigned char *sptr = (unsigned char *)src;
140 - unsigned char *end = sptr + size;
141 + const unsigned char *sptr = (const unsigned char *)src;
142 + const unsigned char *end = sptr + size;
143 unsigned char *dptr = (unsigned char *)dst;
144 unsigned int c1, c2;
145
146 @@ -555,32 +545,117 @@ static void BF_swap(BF_word *x, int coun
147 } while (ptr < &data.ctx.S[3][0xFF]);
148 #endif
149
150 -static void BF_set_key(__CONST char *key, BF_key expanded, BF_key initial)
151 +static void BF_set_key(const char *key, BF_key expanded, BF_key initial,
152 + unsigned char flags)
153 {
154 - __CONST char *ptr = key;
155 - int i, j;
156 - BF_word tmp;
157 + const char *ptr = key;
158 + unsigned int bug, i, j;
159 + BF_word safety, sign, diff, tmp[2];
160 +
161 +/*
162 + * There was a sign extension bug in older revisions of this function. While
163 + * we would have liked to simply fix the bug and move on, we have to provide
164 + * a backwards compatibility feature (essentially the bug) for some systems and
165 + * a safety measure for some others. The latter is needed because for certain
166 + * multiple inputs to the buggy algorithm there exist easily found inputs to
167 + * the correct algorithm that produce the same hash. Thus, we optionally
168 + * deviate from the correct algorithm just enough to avoid such collisions.
169 + * While the bug itself affected the majority of passwords containing
170 + * characters with the 8th bit set (although only a percentage of those in a
171 + * collision-producing way), the anti-collision safety measure affects
172 + * only a subset of passwords containing the '\xff' character (not even all of
173 + * those passwords, just some of them). This character is not found in valid
174 + * UTF-8 sequences and is rarely used in popular 8-bit character encodings.
175 + * Thus, the safety measure is unlikely to cause much annoyance, and is a
176 + * reasonable tradeoff to use when authenticating against existing hashes that
177 + * are not reliably known to have been computed with the correct algorithm.
178 + *
179 + * We use an approach that tries to minimize side-channel leaks of password
180 + * information - that is, we mostly use fixed-cost bitwise operations instead
181 + * of branches or table lookups. (One conditional branch based on password
182 + * length remains. It is not part of the bug aftermath, though, and is
183 + * difficult and possibly unreasonable to avoid given the use of C strings by
184 + * the caller, which results in similar timing leaks anyway.)
185 + *
186 + * For actual implementation, we set an array index in the variable "bug"
187 + * (0 means no bug, 1 means sign extension bug emulation) and a flag in the
188 + * variable "safety" (bit 16 is set when the safety measure is requested).
189 + * Valid combinations of settings are:
190 + *
191 + * Prefix "$2a$": bug = 0, safety = 0x10000
192 + * Prefix "$2x$": bug = 1, safety = 0
193 + * Prefix "$2y$": bug = 0, safety = 0
194 + */
195 + bug = (unsigned int)flags & 1;
196 + safety = ((BF_word)flags & 2) << 15;
197 +
198 + sign = diff = 0;
199
200 for (i = 0; i < BF_N + 2; i++) {
201 - tmp = 0;
202 + tmp[0] = tmp[1] = 0;
203 for (j = 0; j < 4; j++) {
204 - tmp <<= 8;
205 - tmp |= *ptr;
206 -
207 - if (!*ptr) ptr = key; else ptr++;
208 + tmp[0] <<= 8;
209 + tmp[0] |= (unsigned char)*ptr; /* correct */
210 + tmp[1] <<= 8;
211 + tmp[1] |= (BF_word_signed)(signed char)*ptr; /* bug */
212 +/*
213 + * Sign extension in the first char has no effect - nothing to overwrite yet,
214 + * and those extra 24 bits will be fully shifted out of the 32-bit word. For
215 + * chars 2, 3, 4 in each four-char block, we set bit 7 of "sign" if sign
216 + * extension in tmp[1] occurs. Once this flag is set, it remains set.
217 + */
218 + if (j)
219 + sign |= tmp[1] & 0x80;
220 + if (!*ptr)
221 + ptr = key;
222 + else
223 + ptr++;
224 }
225 + diff |= tmp[0] ^ tmp[1]; /* Non-zero on any differences */
226
227 - expanded[i] = tmp;
228 - initial[i] = BF_init_state.P[i] ^ tmp;
229 + expanded[i] = tmp[bug];
230 + initial[i] = BF_init_state.P[i] ^ tmp[bug];
231 }
232 +
233 +/*
234 + * At this point, "diff" is zero iff the correct and buggy algorithms produced
235 + * exactly the same result. If so and if "sign" is non-zero, which indicates
236 + * that there was a non-benign sign extension, this means that we have a
237 + * collision between the correctly computed hash for this password and a set of
238 + * passwords that could be supplied to the buggy algorithm. Our safety measure
239 + * is meant to protect from such many-buggy to one-correct collisions, by
240 + * deviating from the correct algorithm in such cases. Let's check for this.
241 + */
242 + diff |= diff >> 16; /* still zero iff exact match */
243 + diff &= 0xffff; /* ditto */
244 + diff += 0xffff; /* bit 16 set iff "diff" was non-zero (on non-match) */
245 + sign <<= 9; /* move the non-benign sign extension flag to bit 16 */
246 + sign &= ~diff & safety; /* action needed? */
247 +
248 +/*
249 + * If we have determined that we need to deviate from the correct algorithm,
250 + * flip bit 16 in initial expanded key. (The choice of 16 is arbitrary, but
251 + * let's stick to it now. It came out of the approach we used above, and it's
252 + * not any worse than any other choice we could make.)
253 + *
254 + * It is crucial that we don't do the same to the expanded key used in the main
255 + * Eksblowfish loop. By doing it to only one of these two, we deviate from a
256 + * state that could be directly specified by a password to the buggy algorithm
257 + * (and to the fully correct one as well, but that's a side-effect).
258 + */
259 + initial[0] ^= sign;
260 }
261
262 -char *php_crypt_blowfish_rn(__CONST char *key, __CONST char *setting,
263 - char *output, int size)
264 +static char *BF_crypt(const char *key, const char *setting,
265 + char *output, int size,
266 + BF_word min)
267 {
268 #if BF_ASM
269 extern void _BF_body_r(BF_ctx *ctx);
270 #endif
271 + static const unsigned char flags_by_subtype[26] =
272 + {2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
273 + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 4, 0};
274 struct {
275 BF_ctx ctx;
276 BF_key expanded_key;
277 @@ -602,7 +677,8 @@ char *php_crypt_blowfish_rn(__CONST char
278
279 if (setting[0] != '$' ||
280 setting[1] != '2' ||
281 - setting[2] != 'a' ||
282 + setting[2] < 'a' || setting[2] > 'z' ||
283 + !flags_by_subtype[(unsigned int)(unsigned char)setting[2] - 'a'] ||
284 setting[3] != '$' ||
285 setting[4] < '0' || setting[4] > '3' ||
286 setting[5] < '0' || setting[5] > '9' ||
287 @@ -613,15 +689,14 @@ char *php_crypt_blowfish_rn(__CONST char
288 }
289
290 count = (BF_word)1 << ((setting[4] - '0') * 10 + (setting[5] - '0'));
291 - if (count < 16 || BF_decode(data.binary.salt, &setting[7], 16)) {
292 - clean(data.binary.salt, sizeof(data.binary.salt));
293 + if (count < min || BF_decode(data.binary.salt, &setting[7], 16)) {
294 __set_errno(EINVAL);
295 return NULL;
296 }
297 -
298 BF_swap(data.binary.salt, 4);
299
300 - BF_set_key(key, data.expanded_key, data.ctx.P);
301 + BF_set_key(key, data.expanded_key, data.ctx.P,
302 + flags_by_subtype[(unsigned int)(unsigned char)setting[2] - 'a']);
303
304 memcpy(data.ctx.S, BF_init_state.S, sizeof(data.ctx.S));
305
306 @@ -651,51 +726,33 @@ char *php_crypt_blowfish_rn(__CONST char
307 } while (ptr < &data.ctx.S[3][0xFF]);
308
309 do {
310 - data.ctx.P[0] ^= data.expanded_key[0];
311 - data.ctx.P[1] ^= data.expanded_key[1];
312 - data.ctx.P[2] ^= data.expanded_key[2];
313 - data.ctx.P[3] ^= data.expanded_key[3];
314 - data.ctx.P[4] ^= data.expanded_key[4];
315 - data.ctx.P[5] ^= data.expanded_key[5];
316 - data.ctx.P[6] ^= data.expanded_key[6];
317 - data.ctx.P[7] ^= data.expanded_key[7];
318 - data.ctx.P[8] ^= data.expanded_key[8];
319 - data.ctx.P[9] ^= data.expanded_key[9];
320 - data.ctx.P[10] ^= data.expanded_key[10];
321 - data.ctx.P[11] ^= data.expanded_key[11];
322 - data.ctx.P[12] ^= data.expanded_key[12];
323 - data.ctx.P[13] ^= data.expanded_key[13];
324 - data.ctx.P[14] ^= data.expanded_key[14];
325 - data.ctx.P[15] ^= data.expanded_key[15];
326 - data.ctx.P[16] ^= data.expanded_key[16];
327 - data.ctx.P[17] ^= data.expanded_key[17];
328 -
329 - BF_body();
330 -
331 - tmp1 = data.binary.salt[0];
332 - tmp2 = data.binary.salt[1];
333 - tmp3 = data.binary.salt[2];
334 - tmp4 = data.binary.salt[3];
335 - data.ctx.P[0] ^= tmp1;
336 - data.ctx.P[1] ^= tmp2;
337 - data.ctx.P[2] ^= tmp3;
338 - data.ctx.P[3] ^= tmp4;
339 - data.ctx.P[4] ^= tmp1;
340 - data.ctx.P[5] ^= tmp2;
341 - data.ctx.P[6] ^= tmp3;
342 - data.ctx.P[7] ^= tmp4;
343 - data.ctx.P[8] ^= tmp1;
344 - data.ctx.P[9] ^= tmp2;
345 - data.ctx.P[10] ^= tmp3;
346 - data.ctx.P[11] ^= tmp4;
347 - data.ctx.P[12] ^= tmp1;
348 - data.ctx.P[13] ^= tmp2;
349 - data.ctx.P[14] ^= tmp3;
350 - data.ctx.P[15] ^= tmp4;
351 - data.ctx.P[16] ^= tmp1;
352 - data.ctx.P[17] ^= tmp2;
353 + int done;
354
355 - BF_body();
356 + for (i = 0; i < BF_N + 2; i += 2) {
357 + data.ctx.P[i] ^= data.expanded_key[i];
358 + data.ctx.P[i + 1] ^= data.expanded_key[i + 1];
359 + }
360 +
361 + done = 0;
362 + do {
363 + BF_body();
364 + if (done)
365 + break;
366 + done = 1;
367 +
368 + tmp1 = data.binary.salt[0];
369 + tmp2 = data.binary.salt[1];
370 + tmp3 = data.binary.salt[2];
371 + tmp4 = data.binary.salt[3];
372 + for (i = 0; i < BF_N; i += 4) {
373 + data.ctx.P[i] ^= tmp1;
374 + data.ctx.P[i + 1] ^= tmp2;
375 + data.ctx.P[i + 2] ^= tmp3;
376 + data.ctx.P[i + 3] ^= tmp4;
377 + }
378 + data.ctx.P[16] ^= tmp1;
379 + data.ctx.P[17] ^= tmp2;
380 + } while (1);
381 } while (--count);
382
383 for (i = 0; i < 6; i += 2) {
384 @@ -721,19 +778,114 @@ char *php_crypt_blowfish_rn(__CONST char
385 BF_encode(&output[7 + 22], data.binary.output, 23);
386 output[7 + 22 + 31] = '\0';
387
388 -/* Overwrite the most obvious sensitive data we have on the stack. Note
389 - * that this does not guarantee there's no sensitive data left on the
390 - * stack and/or in registers; I'm not aware of portable code that does. */
391 - clean(&data, sizeof(data));
392 -
393 return output;
394 }
395
396 -char *php_crypt_gensalt_blowfish_rn(unsigned long count,
397 - __CONST char *input, int size, char *output, int output_size)
398 +static int _crypt_output_magic(const char *setting, char *output, int size)
399 +{
400 + if (size < 3)
401 + return -1;
402 +
403 + output[0] = '*';
404 + output[1] = '0';
405 + output[2] = '\0';
406 +
407 + if (setting[0] == '*' && setting[1] == '0')
408 + output[1] = '1';
409 +
410 + return 0;
411 +}
412 +
413 +/*
414 + * Please preserve the runtime self-test. It serves two purposes at once:
415 + *
416 + * 1. We really can't afford the risk of producing incompatible hashes e.g.
417 + * when there's something like gcc bug 26587 again, whereas an application or
418 + * library integrating this code might not also integrate our external tests or
419 + * it might not run them after every build. Even if it does, the miscompile
420 + * might only occur on the production build, but not on a testing build (such
421 + * as because of different optimization settings). It is painful to recover
422 + * from incorrectly-computed hashes - merely fixing whatever broke is not
423 + * enough. Thus, a proactive measure like this self-test is needed.
424 + *
425 + * 2. We don't want to leave sensitive data from our actual password hash
426 + * computation on the stack or in registers. Previous revisions of the code
427 + * would do explicit cleanups, but simply running the self-test after hash
428 + * computation is more reliable.
429 + *
430 + * The performance cost of this quick self-test is around 0.6% at the "$2a$08"
431 + * setting.
432 + */
433 +char *php_crypt_blowfish_rn(const char *key, const char *setting,
434 + char *output, int size)
435 +{
436 + const char *test_key = "8b \xd0\xc1\xd2\xcf\xcc\xd8";
437 + const char *test_setting = "$2a$00$abcdefghijklmnopqrstuu";
438 + static const char * const test_hash[2] =
439 + {"VUrPmXD6q/nVSSp7pNDhCR9071IfIRe\0\x55", /* $2x$ */
440 + "i1D709vfamulimlGcq0qq3UvuUasvEa\0\x55"}; /* $2a$, $2y$ */
441 + char *retval;
442 + const char *p;
443 + int save_errno, ok;
444 + struct {
445 + char s[7 + 22 + 1];
446 + char o[7 + 22 + 31 + 1 + 1 + 1];
447 + } buf;
448 +
449 +/* Hash the supplied password */
450 + _crypt_output_magic(setting, output, size);
451 + retval = BF_crypt(key, setting, output, size, 16);
452 + save_errno = errno;
453 +
454 +/*
455 + * Do a quick self-test. It is important that we make both calls to BF_crypt()
456 + * from the same scope such that they likely use the same stack locations,
457 + * which makes the second call overwrite the first call's sensitive data on the
458 + * stack and makes it more likely that any alignment related issues would be
459 + * detected by the self-test.
460 + */
461 + memcpy(buf.s, test_setting, sizeof(buf.s));
462 + if (retval)
463 + buf.s[2] = setting[2];
464 + memset(buf.o, 0x55, sizeof(buf.o));
465 + buf.o[sizeof(buf.o) - 1] = 0;
466 + p = BF_crypt(test_key, buf.s, buf.o, sizeof(buf.o) - (1 + 1), 1);
467 +
468 + ok = (p == buf.o &&
469 + !memcmp(p, buf.s, 7 + 22) &&
470 + !memcmp(p + (7 + 22),
471 + test_hash[(unsigned int)(unsigned char)buf.s[2] & 1],
472 + 31 + 1 + 1 + 1));
473 +
474 + {
475 + const char *k = "\xff\xa3" "34" "\xff\xff\xff\xa3" "345";
476 + BF_key ae, ai, ye, yi;
477 + BF_set_key(k, ae, ai, 2); /* $2a$ */
478 + BF_set_key(k, ye, yi, 4); /* $2y$ */
479 + ai[0] ^= 0x10000; /* undo the safety (for comparison) */
480 + ok = ok && ai[0] == 0xdb9c59bc && ye[17] == 0x33343500 &&
481 + !memcmp(ae, ye, sizeof(ae)) &&
482 + !memcmp(ai, yi, sizeof(ai));
483 + }
484 +
485 + __set_errno(save_errno);
486 + if (ok)
487 + return retval;
488 +
489 +/* Should not happen */
490 + _crypt_output_magic(setting, output, size);
491 + __set_errno(EINVAL); /* pretend we don't support this hash type */
492 + return NULL;
493 +}
494 +
495 +#if 0
496 +char *_crypt_gensalt_blowfish_rn(const char *prefix, unsigned long count,
497 + const char *input, int size, char *output, int output_size)
498 {
499 if (size < 16 || output_size < 7 + 22 + 1 ||
500 - (count && (count < 4 || count > 31))) {
501 + (count && (count < 4 || count > 31)) ||
502 + prefix[0] != '$' || prefix[1] != '2' ||
503 + (prefix[2] != 'a' && prefix[2] != 'y')) {
504 if (output_size > 0) output[0] = '\0';
505 __set_errno((output_size < 7 + 22 + 1) ? ERANGE : EINVAL);
506 return NULL;
507 @@ -743,14 +895,15 @@ char *php_crypt_gensalt_blowfish_rn(unsi
508
509 output[0] = '$';
510 output[1] = '2';
511 - output[2] = 'a';
512 + output[2] = prefix[2];
513 output[3] = '$';
514 output[4] = '0' + count / 10;
515 output[5] = '0' + count % 10;
516 output[6] = '$';
517
518 - BF_encode(&output[7], (BF_word *)input, 16);
519 + BF_encode(&output[7], (const BF_word *)input, 16);
520 output[7 + 22] = '\0';
521
522 return output;
523 }
524 +#endif
525 --- php-5.3.3/ext/standard/crypt_blowfish.h.cve2483
526 +++ php-5.3.3/ext/standard/crypt_blowfish.h
527 @@ -0,0 +1,32 @@
528 +/* $Id$ */
529 +/*
530 + * Written by Solar Designer <solar at openwall.com> in 2000-2011.
531 + * No copyright is claimed, and the software is hereby placed in the public
532 + * domain. In case this attempt to disclaim copyright and place the software
533 + * in the public domain is deemed null and void, then the software is
534 + * Copyright (c) 2000-2011 Solar Designer and it is hereby released to the
535 + * general public under the following terms:
536 + *
537 + * Redistribution and use in source and binary forms, with or without
538 + * modification, are permitted.
539 + *
540 + * There's ABSOLUTELY NO WARRANTY, express or implied.
541 + *
542 + * See crypt_blowfish.c for more information.
543 + */
544 +
545 +#ifndef _CRYPT_BLOWFISH_H
546 +#define _CRYPT_BLOWFISH_H
547 +
548 +#if 0
549 +extern int _crypt_output_magic(const char *setting, char *output, int size);
550 +#endif
551 +extern char *php_crypt_blowfish_rn(const char *key, const char *setting,
552 + char *output, int size);
553 +#if 0
554 +extern char *_crypt_gensalt_blowfish_rn(const char *prefix,
555 + unsigned long count,
556 + const char *input, int size, char *output, int output_size);
557 +#endif
558 +
559 +#endif
560 --- php-5.3.3/ext/standard/crypt.c.cve2483
561 +++ php-5.3.3/ext/standard/crypt.c
562 @@ -240,7 +240,7 @@ PHP_FUNCTION(crypt)
563 } else if (
564 salt[0] == '$' &&
565 salt[1] == '2' &&
566 - salt[2] == 'a' &&
567 + salt[2] >= 'a' && salt[2] <= 'z' &&
568 salt[3] == '$' &&
569 salt[4] >= '0' && salt[4] <= '3' &&
570 salt[5] >= '0' && salt[5] <= '9' &&
571 --- php-5.3.3/ext/standard/php_crypt_r.h.cve2483
572 +++ php-5.3.3/ext/standard/php_crypt_r.h
573 @@ -46,9 +46,9 @@ PHPAPI char *php_crypt_r (const char *__
574
575 #define MD5_HASH_MAX_LEN 120
576
577 +#include "crypt_blowfish.h"
578 +
579 extern char * php_md5_crypt_r(const char *pw, const char *salt, char *out);
580 -extern char * php_crypt_blowfish_rn(__CONST char *key, __CONST char *setting,
581 - char *output, int size);
582 extern char * php_sha512_crypt_r (const char *key, const char *salt, char *buffer, int buflen);
583 extern char * php_sha256_crypt_r (const char *key, const char *salt, char *buffer, int buflen);
584

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed