diff options
| -rw-r--r-- | ext/standard/crypt.c | 2 | ||||
| -rw-r--r-- | ext/standard/tests/strings/crypt_variation1.phpt | 23 |
2 files changed, 25 insertions, 0 deletions
diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c index 03a080aa23..5bc2458894 100644 --- a/ext/standard/crypt.c +++ b/ext/standard/crypt.c @@ -179,6 +179,8 @@ PHP_FUNCTION(crypt) salt[2] = '\0'; #endif salt_in_len = strlen(salt); + } else { + salt_in_len = MIN(PHP_MAX_SALT_LEN, salt_in_len); } /* Windows (win32/crypt) has a stripped down version of libxcrypt and diff --git a/ext/standard/tests/strings/crypt_variation1.phpt b/ext/standard/tests/strings/crypt_variation1.phpt new file mode 100644 index 0000000000..6e0d3fe121 --- /dev/null +++ b/ext/standard/tests/strings/crypt_variation1.phpt @@ -0,0 +1,23 @@ +--TEST-- +crypt() function - long salt +--SKIPIF-- +<?php +if (!function_exists('crypt')) { + die("SKIP crypt() is not available"); +} +?> +--FILE-- +<?php + +$b = str_repeat("A", 124); +echo crypt("A", "$5$" . $b)."\n"; +$b = str_repeat("A", 125); +echo crypt("A", "$5$" . $b)."\n"; +$b = str_repeat("A", 4096); +echo crypt("A", "$5$" . $b)."\n"; + +?> +--EXPECTF-- +$5$AAAAAAAAAAAAAAAA$frotiiztWZiwcncxnY5tWG9Ida2WOZEximjLXCleQu6 +$5$AAAAAAAAAAAAAAAA$frotiiztWZiwcncxnY5tWG9Ida2WOZEximjLXCleQu6 +$5$AAAAAAAAAAAAAAAA$frotiiztWZiwcncxnY5tWG9Ida2WOZEximjLXCleQu6 |