diff options
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | ext/standard/crypt.c | 2 | ||||
| -rw-r--r-- | ext/standard/tests/strings/crypt.phpt | 2 |
3 files changed, 6 insertions, 0 deletions
@@ -63,6 +63,8 @@ PHP NEWS - Standard: . Implemented FR #65634 (HTTP wrapper is very slow with protocol_version 1.1). (Adam) + . Implemented Change crypt() behavior w/o salt RFC. (Yasuo) + https://wiki.php.net/rfc/crypt_function_salt - XMLReader: . Fixed bug #55285 (XMLReader::getAttribute/No/Ns methods inconsistency). diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c index 113a5bd0f5..81c0bf3e0c 100644 --- a/ext/standard/crypt.c +++ b/ext/standard/crypt.c @@ -272,6 +272,8 @@ PHP_FUNCTION(crypt) if (salt_in) { memcpy(salt, salt_in, MIN(PHP_MAX_SALT_LEN, salt_in_len)); + } else { + php_error_docref(NULL TSRMLS_C, E_NOTICE, "No salt parameter was specified. You must use a randomly generated salt and a strong hash function to produce a secure hash."); } /* The automatic salt generation covers standard DES, md5-crypt and Blowfish (simple) */ diff --git a/ext/standard/tests/strings/crypt.phpt b/ext/standard/tests/strings/crypt.phpt index ce178f684e..3dcff2eaf2 100644 --- a/ext/standard/tests/strings/crypt.phpt +++ b/ext/standard/tests/strings/crypt.phpt @@ -34,6 +34,8 @@ STD EXT MD5 BLO + +Notice: crypt(): No salt parameter was specified. You must use a randomly generated salt and a strong hash function to produce a secure hash. in %s on line %d string(%d) "%s" Warning: crypt() expects at least 1 parameter, 0 given in %s on line %d |