archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-15 21:48:51 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Fix bug GHSA-q6x7-frmf-grcw: password_verify can erroneously return true

Browse source 
Disallow null character in bcrypt password
This commit is contained in:
Jakub Zelenka 2024-03-29 15:27:59 +00:00 committed by Ben Ramsey
parent b756b5a461
commit 11f2568767
No known key found for this signature in database
GPG key ID: F9C39DC0B9698544
2 changed files with 12 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
ext/standard/password.c
View file

@ -184,6 +184,11 @@ static zend_string* php_password_bcrypt_hash(const zend_string *password, zend_a
zval *zcost; zval *zcost;
zend_long cost = PHP_PASSWORD_BCRYPT_COST; zend_long cost = PHP_PASSWORD_BCRYPT_COST;
if (memchr(ZSTR_VAL(password), '\0', ZSTR_LEN(password))) {
zend_value_error("Bcrypt password must not contain null character");
return NULL;
}
if (options && (zcost = zend_hash_str_find(options, "cost", sizeof("cost")-1)) != NULL) { if (options && (zcost = zend_hash_str_find(options, "cost", sizeof("cost")-1)) != NULL) {
cost = zval_get_long(zcost); cost = zval_get_long(zcost);
} }

7
ext/standard/tests/password/password_bcrypt_errors.phpt
View file

@ -14,7 +14,14 @@ try {
} catch (ValueError $exception) { } catch (ValueError $exception) {
echo $exception->getMessage() . "\n"; echo $exception->getMessage() . "\n";
} }
try {
var_dump(password_hash("null\0password", PASSWORD_BCRYPT));
} catch (ValueError $e) {
echo $e->getMessage(), "\n";
}
?> ?>
--EXPECT-- --EXPECT--
Invalid bcrypt cost parameter specified: 3 Invalid bcrypt cost parameter specified: 3
Invalid bcrypt cost parameter specified: 32 Invalid bcrypt cost parameter specified: 32
Bcrypt password must not contain null character