2366a070c8
improve condition
...
same as CSPRNG, break by EOF
2015-08-12 14:50:43 +02:00
b0893344df
integrate static tsrmls cache with ext/mcrypt
2015-08-11 12:32:00 +02:00
f15ec180ad
add folds
2015-08-11 12:11:24 +02:00
a91065c63c
don't close stdin
2015-08-09 18:54:20 +02:00
a94ea9c97a
fix the mcrypt related part of bug #64833
2015-08-09 18:40:29 +02:00
89b49b02fc
Cleanup (avoid reallocation)
2015-07-01 14:12:46 +03:00
4a2e40bb86
Use ZSTR_ API to access zend_string elements (this is just renaming without semantick changes).
2015-06-30 04:05:24 +03:00
f51e4ae42e
Fixed build
2015-05-13 18:53:58 +03:00
420961524d
Merge branch 'PHP-5.6'
...
* PHP-5.6:
Close fd at the end, otherwise people complain
Add file descriptor caching to mcrypt_create_iv()
Conflicts:
ext/mcrypt/mcrypt.c
2015-05-13 14:21:19 +02:00
c09fad97d6
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Close fd at the end, otherwise people complain
Add file descriptor caching to mcrypt_create_iv()
2015-05-13 14:19:04 +02:00
f7952b90ca
Close fd at the end, otherwise people complain
...
Even though it's closed when the process terminates!
2015-05-13 14:18:32 +02:00
c02c4aca00
Add file descriptor caching to mcrypt_create_iv()
...
This improves performance for applications that make repeated calls to
mcrypt_create_iv()
2015-05-13 14:18:32 +02:00
2d78023244
cleanup the mod version macros, round 2
2015-03-23 20:33:54 +01:00
7810659cc3
Removed deprecated mcrypt_ecb() etc
2015-03-09 11:37:13 +01:00
c488a45701
Remove deprecated mcrypt_generic_end() alias
2015-03-09 11:10:52 +01:00
2517b56cd1
Ported mcrypt
2015-02-03 11:58:11 +08:00
fc33f52d8c
bump year
2015-01-15 23:27:30 +08:00
0579e8278d
bump year
2015-01-15 23:26:37 +08:00
73c1be2653
Bump year
2015-01-15 23:26:03 +08:00
b7a7b1a624
trailing whitespace removal
2015-01-10 15:07:38 -08:00
bdeb220f48
first shot remove TSRMLS_* things
2014-12-13 23:06:14 +01:00
70a2748b5e
Merge branch 'PHP-5.6'
...
* PHP-5.6:
Fixed possible read after end of buffer and use after free.
2014-12-08 12:25:52 +03:00
278c38165c
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Fixed possible read after end of buffer and use after free.
2014-12-08 12:24:16 +03:00
e6ad29ae96
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fixed possible read after end of buffer and use after free.
2014-12-08 12:20:01 +03:00
dd791cd717
Fixed possible read after end of buffer and use after free.
2014-12-08 12:18:27 +03:00
e3934515c4
fix datatype mismatch warnings
2014-10-31 19:36:17 +01:00
e33f3d3b7c
Move smart_str implementation into Zend/
...
So we can use it there as well...
For now I've retained the zend_smart_str_public.h header, though
it would probably be better to just move that one struct into
zend_types.h.
2014-09-21 20:49:39 +02:00
d0cb715373
s/PHP 5/PHP 7/
2014-09-19 18:33:14 +02:00
1e3e9e0bbb
's' and size_t - fix some invalid pointers and the remaining ext/mcrypt parts
2014-08-27 21:53:06 +02:00
6db8d4f829
's' works with size_t round 3
2014-08-27 20:49:36 +02:00
3234480827
first show to make 's' work with size_t
2014-08-27 20:49:31 +02:00
af59e92b24
master renames phase 7
2014-08-25 21:51:49 +02:00
c3e3c98ec6
master renames phase 1
2014-08-25 19:24:55 +02:00
3cb5c6e692
fix zpp
2014-08-21 20:13:55 +02:00
63d3f0b844
basic macro replacements, all at once
2014-08-19 08:07:31 +02:00
b8b8c497c4
In most user extensions functions like mysql_close() should use zend_list_close() instead of zend_list_delete(). This closes the actual connection and frees extension specific data structures, but doesn't free zend_reference structure that might be referenced from zval(s). This also doesn't decrement the resource reference counter.
2014-05-13 13:18:00 +04:00
b2fe1c1648
...
2014-05-06 11:22:15 +01:00
7f32ffbf89
fix leaks in here
2014-05-06 11:20:54 +01:00
4187be99fe
fix for phpng, failing RFC2144 test
2014-05-06 09:08:02 +01:00
f9927a6c97
Merge mainstream 'master' branch into refactoring
...
During merge I had to revert:
Nikita's patch for php_splice() (it probably needs to be applyed again)
Bob Weinand's patches related to constant expression handling (we need to review them carefully)
I also reverted all our attempts to support sapi/phpdbg (we didn't test it anyway)
Conflicts:
Zend/zend.h
Zend/zend_API.c
Zend/zend_ast.c
Zend/zend_compile.c
Zend/zend_compile.h
Zend/zend_constants.c
Zend/zend_exceptions.c
Zend/zend_execute.c
Zend/zend_execute.h
Zend/zend_execute_API.c
Zend/zend_hash.c
Zend/zend_highlight.c
Zend/zend_language_parser.y
Zend/zend_language_scanner.c
Zend/zend_language_scanner_defs.h
Zend/zend_variables.c
Zend/zend_vm_def.h
Zend/zend_vm_execute.h
ext/date/php_date.c
ext/dom/documenttype.c
ext/hash/hash.c
ext/iconv/iconv.c
ext/mbstring/tests/zend_multibyte-10.phpt
ext/mbstring/tests/zend_multibyte-11.phpt
ext/mbstring/tests/zend_multibyte-12.phpt
ext/mysql/php_mysql.c
ext/mysqli/mysqli.c
ext/mysqlnd/mysqlnd_reverse_api.c
ext/mysqlnd/php_mysqlnd.c
ext/opcache/ZendAccelerator.c
ext/opcache/zend_accelerator_util_funcs.c
ext/opcache/zend_persist.c
ext/opcache/zend_persist_calc.c
ext/pcre/php_pcre.c
ext/pdo/pdo_dbh.c
ext/pdo/pdo_stmt.c
ext/pdo_pgsql/pgsql_driver.c
ext/pgsql/pgsql.c
ext/reflection/php_reflection.c
ext/session/session.c
ext/spl/spl_array.c
ext/spl/spl_observer.c
ext/standard/array.c
ext/standard/basic_functions.c
ext/standard/html.c
ext/standard/mail.c
ext/standard/php_array.h
ext/standard/proc_open.c
ext/standard/streamsfuncs.c
ext/standard/user_filters.c
ext/standard/var_unserializer.c
ext/standard/var_unserializer.re
main/php_variables.c
sapi/phpdbg/phpdbg.c
sapi/phpdbg/phpdbg_bp.c
sapi/phpdbg/phpdbg_frame.c
sapi/phpdbg/phpdbg_help.c
sapi/phpdbg/phpdbg_list.c
sapi/phpdbg/phpdbg_print.c
sapi/phpdbg/phpdbg_prompt.c
2014-04-26 00:32:51 +04:00
050d7e38ad
Cleanup (1-st round)
2014-04-15 15:40:40 +04:00
fd5fbba98c
Use /dev/urandom as the default mcrypt_create_iv() source
...
Also fixes the ARGINFO for mcrypt_create_iv() and adds missing
UPGRADING entries.
2014-03-11 14:06:13 +01:00
d8ed84e4c4
Use zpp for accepting encryption mode string
...
Leaving the non-zpp usage for the mcrypt_{MODE} functions, as
they're deprecated and I'm too lazy to update all their tests.
2014-03-05 15:32:32 +01:00
eb0eac75ef
Remove a number of macros that are no longer used
2014-03-05 15:32:32 +01:00
e5738d3bc9
Provide expected IV length in IV error messages
2014-03-05 15:32:32 +01:00
b9737aa08e
Call mcrypt_module_close on error
2014-03-05 15:32:32 +01:00
e4876ecbfb
Print supported key sizes in error message
2014-03-05 15:32:32 +01:00
32333abe3e
Clean up do_crypt code
...
Avoid unnecessary alloc/copy/free cycles and clean up structure in
general. Add a few extra checks for the key length.
2014-03-05 15:32:32 +01:00
a861a3a93d
Abort on invalid key size
...
Previously an incorrectly sized key was either silently padded
with NUL bytes or truncated. Especially the silent nature of this
behavior makes it extremely easy to use weak encryption. A common
mistake - which has also been extensively made in our tests - is
to use a password instead of a key.
Incorrectly sized keys will now be rejected.
2014-03-05 15:32:32 +01:00
25d801f97e
Abort on missing IV if the enc_mode requires it
...
Previously the code fell back on using a NUL IV if no IV was
passed and the encryption mode required it. This is dangerous and
makes no sense from a practical point of view (as you could just
as well use ECB then).
2014-03-05 15:32:31 +01:00
Anatol Belski