From c45f4f546180d5d4fa83bfcdaad94ec52c9cc274 Mon Sep 17 00:00:00 2001
From: Anatol Belski <ab@php.net>
Date: Fri, 19 Sep 2014 01:46:14 +0200
Subject: generalized the case with secure memory zeroing

---
 ext/standard/crypt.c | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

(limited to 'ext/standard/crypt.c')

diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c
index b2524a0767..75940482d6 100644
--- a/ext/standard/crypt.c
+++ b/ext/standard/crypt.c
@@ -207,15 +207,11 @@ PHPAPI zend_string *php_crypt(const char *password, const int pass_len, const ch
 
 			crypt_res = php_crypt_blowfish_rn(password, salt, output, sizeof(output));
 			if (!crypt_res) {
-				memset(output, 0, PHP_MAX_SALT_LEN + 1);
+				ZEND_SECURE_ZERO(output, PHP_MAX_SALT_LEN + 1);
 				return NULL;
 			} else {
 				result = zend_string_init(output, strlen(output), 0);
-#ifdef PHP_WIN32
-				RtlSecureZeroMemory(output, PHP_MAX_SALT_LEN + 1);
-#else
-				memset(output, 0, PHP_MAX_SALT_LEN + 1);
-#endif
+				ZEND_SECURE_ZERO(output, PHP_MAX_SALT_LEN + 1);
 				return result;
 			}
 		} else {
-- 
cgit v1.2.1