archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-19 08:49:28 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge branch 'PHP-7.3' into PHP-7.4

Browse source 
* PHP-7.3:
  Fix #78510: Partially uninitialized buffer returned by sodium_crypto_generichash_init()
This commit is contained in:
Christoph M. Becker 2019-09-09 15:32:44 +02:00
commit 167ea6307b
3 changed files with 19 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
NEWS
View file

@ -16,6 +16,10 @@ PHP NEWS
- PDO_MySQL: - PDO_MySQL:
. Fixed bug #41997 (SP call yields additional empty result set). (cmb) . Fixed bug #41997 (SP call yields additional empty result set). (cmb)
- sodium:
. Fixed bug #78510 (Partially uninitialized buffer returned by
sodium_crypto_generichash_init()). (Frank Denis, cmb)
05 Sep 2019, PHP 7.4.0RC1 05 Sep 2019, PHP 7.4.0RC1
- Core: - Core:

1
ext/sodium/libsodium.c
View file

@ -952,6 +952,7 @@ PHP_FUNCTION(sodium_crypto_generichash_init)
zend_throw_exception(sodium_exception_ce, "unsupported key length", 0); zend_throw_exception(sodium_exception_ce, "unsupported key length", 0);
return; return;
} }
memset(&state_tmp, 0, sizeof state_tmp);
if (crypto_generichash_init((void *) &state_tmp, key, (size_t) key_len, if (crypto_generichash_init((void *) &state_tmp, key, (size_t) key_len,
(size_t) hash_len) != 0) { (size_t) hash_len) != 0) {
zend_throw_exception(sodium_exception_ce, "internal error", 0); zend_throw_exception(sodium_exception_ce, "internal error", 0);

14
ext/sodium/tests/bug78510.phpt Normal file
View file

@ -0,0 +1,14 @@
--TEST--
Bug #78510 (Partially uninitialized buffer returned by sodium_crypto_generichash_init())
--SKIPIF--
<?php
if (!extension_loaded("sodium")) print "skip extension not loaded";
?>
--FILE--
<?php
$key = hex2bin('36be2998c85757e98c1abf3687c8db3a849a393701c05454023d9aba1096fd47');
$y = sodium_crypto_generichash_init($key, 64);
var_dump(bin2hex($y));
?>
--EXPECT--
string(768) "48e9bdf267e6096a3ba7ca8485ae67bb2bf894fe72f36e3cf1361d5f3af54fa5d182e6ad7f520e511f6c3e2b8c68059b6bbd41fbabd9831f79217e1319cde05b000000000000000000000000000000000000000000000000000000000000000036be2998c85757e98c1abf3687c8db3a849a393701c05454023d9aba1096fd4700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000"