authorAndrey Andreev <narf@devilix.net>2014-07-07 13:41:57 +0200
committerAndrey Andreev <narf@devilix.net>2014-07-07 13:41:57 +0200
commit2da3550055ea20eba309ef68347a806a3986375d (patch)
tree4b912af637a838e6583467844e808bea774046e4 /system/core/compat
parent6500bc77232657141dbc34aa3c840dd9e205b84f (diff)
Fix potential bugs in password_hash(), CI_Encryption
strlen(), substr() are not byte-safe when mbstring.func_overload is enabled
Diffstat (limited to 'system/core/compat')
-rw-r--r--system/core/compat/password.php9
1 files changed, 6 insertions, 3 deletions
diff --git a/system/core/compat/password.php b/system/core/compat/password.php
index d5a017d9a..a8bc756f0 100644
--- a/system/core/compat/password.php
+++ b/system/core/compat/password.php
@@ -83,6 +83,9 @@ if ( ! function_exists('password_hash'))
*/
function password_hash($password, $algo, array $options = array())
{
+ static $func_override;
+ isset($func_override) OR $func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override'));
+
if ($algo !== 1)
{
trigger_error('password_hash(): Unknown hashing algorithm: '.(int) $algo, E_USER_WARNING);
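Review bot: The ini key on the second added line is misspelled — the setting is `mbstring.func_overload`, not `mbstring.func_override` (the commit message has it right) — so `ini_get()` returns FALSE, `$func_override` is always FALSE, and the byte-safe `mb_strlen()` branches this commit introduces are never taken. The fix is `isset($func_override) OR $func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_overload'));`. Since func_overload is a bitmask and only bit 2 overloads the `str*` functions, `(ini_get('mbstring.func_overload') & 2)` would be the more precise test, though the plain truthiness check is harmless. Renaming the static to `$func_overload` would keep the name aligned with the ini setting. password_hash()'s body continues past the end of this hunk.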
@@ -95,9 +98,9 @@ if ( ! function_exists('password_hash'))
return NULL;
}
- if (isset($options['salt']) && strlen($options['salt']) < 22)
+ if (isset($options['salt']) && ($saltlen = ($func_override ? mb_strlen($options['salt'], '8bit') : strlen($options['salt']))) < 22)
{
- trigger_error('password_hash(): Provided salt is too short: '.strlen($options['salt']).' expecting 22', E_USER_WARNING);
+ trigger_error('password_hash(): Provided salt is too short: '.$saltlen.' expecting 22', E_USER_WARNING);
return NULL;
}
elseif ( ! isset($options['salt']))
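Review bot: The salt check on the `+` line buries an assignment inside a ternary inside a comparison, which is hard to read and easy to break on a later edit; computing the byte length first reads better. For example `$saltlen = isset($options['salt']) ? ($func_override ? mb_strlen($options['salt'], '8bit') : strlen($options['salt'])) : NULL;` followed by `if ($saltlen !== NULL && $saltlen < 22)` keeps the `elseif ( ! isset($options['salt']))` branch and the warning text untouched. The `'8bit'` encoding argument is the right one here, since the `expecting 22` warning is about raw bytes regardless of how mbstring would count characters. The check also depends on `$func_override` being computed correctly earlier in the function, outside this hunk.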
@@ -119,7 +122,7 @@ if ( ! function_exists('password_hash'))
}
$options['salt'] = '';
- for ($read = 0; $read < 16; $read = strlen($options['salt']))
+ for ($read = 0; $read < 16; $read = ($func_override) ? mb_strlen($options['salt'], '8bit') : strlen($options['salt']))
{
if (($read = fread($fp, 16 - $read)) === FALSE)
{
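Review bot: The read loop in this hunk only stops on `fread()` returning FALSE, but a zero-length read returns `''`, so if the stream ever yields no bytes (EOF on a regular file, for instance) `$read` never grows and the `for` never terminates. Extending the guard to `if (($read = fread($fp, 16 - $read)) === FALSE OR $read === '')` bounds it; the stream is opened outside this hunk, so I cannot tell from here how likely a short read is for the source actually used. Reusing `$read` as both the byte count in the `for` header and the chunk buffer in the `if` works, but combined with the new ternary in the increment it makes the loop hard to follow; a separate `$chunk` for the fread() result would be clearer. The enclosing block starts and ends outside the hunk.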