Move overflow checks in openssl_pbkdf2

2026-04-25 17:08:14 +02:00 · 2015-08-19 20:06:58 +01:00
parent 09970d8031
commit 478ecc674b
1 changed files with 5 additions and 5 deletions
@@ -4022,11 +4022,6 @@ PHP_FUNCTION(openssl_pbkdf2)
 		RETURN_FALSE;
 	}

-	PHP_OPENSSL_CHECK_OVERFLOW(key_length, key);
-	PHP_OPENSSL_CHECK_OVERFLOW(iterations, iterations);
-	PHP_OPENSSL_CHECK_OVERFLOW(password_len, password);
-	PHP_OPENSSL_CHECK_OVERFLOW(salt_len, salt);
-
 	if (method_len) {
 		digest = EVP_get_digestbyname(method);
 	} else {
@@ -4038,6 +4033,11 @@ PHP_FUNCTION(openssl_pbkdf2)
 		RETURN_FALSE;
 	}

+	PHP_OPENSSL_CHECK_OVERFLOW(key_length, key);
+	PHP_OPENSSL_CHECK_OVERFLOW(iterations, iterations);
+	PHP_OPENSSL_CHECK_OVERFLOW(password_len, password);
+	PHP_OPENSSL_CHECK_OVERFLOW(salt_len, salt);
+
 	out_buffer = zend_string_alloc(key_length, 0);

 	if (PKCS5_PBKDF2_HMAC(password, (int)password_len, (unsigned char *)salt, (int)salt_len, (int)iterations, digest, (int)key_length, (unsigned char*)ZSTR_VAL(out_buffer)) == 1) {