summaryrefslogtreecommitdiffstats
path: root/system/core
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2014-09-30 19:30:06 +0200
committerAndrey Andreev <narf@devilix.net>2014-09-30 19:30:06 +0200
commitb627430ae60d7c5f13ecc2f289bce8185c218be0 (patch)
treed2ba4c1244b0c08e0118b2cde4a1bea6d7b3a1fe /system/core
parent5bf4dcde18ae0d584c2dc701ccc8e43124549130 (diff)
Make sure we don't waste entropy
Diffstat (limited to 'system/core')
-rwxr-xr-xsystem/core/Security.php1
-rw-r--r--system/core/compat/password.php1
2 files changed, 2 insertions, 0 deletions
diff --git a/system/core/Security.php b/system/core/Security.php
index 4b204ad95..b97df4647 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -573,6 +573,7 @@ class CI_Security {
if (is_readable('/dev/urandom') && ($fp = fopen('/dev/urandom', 'rb')) !== FALSE)
{
+ stream_set_chunk_size($fp, $length);
$output = fread($fp, $length);
fclose($fp);
if ($output !== FALSE)
diff --git a/system/core/compat/password.php b/system/core/compat/password.php
index a8bc756f0..60aa578db 100644
--- a/system/core/compat/password.php
+++ b/system/core/compat/password.php
@@ -121,6 +121,7 @@ if ( ! function_exists('password_hash'))
return FALSE;
}
+ stream_set_chunk_size($fp, 16);
$options['salt'] = '';
for ($read = 0; $read < 16; $read = ($func_override) ? mb_strlen($options['salt'], '8bit') : strlen($options['salt']))
{