static int php_password_make_salt(size_t length, char *ret) /* {{{ */ { size_t raw_length; char *buffer; char *result; if (length > (INT_MAX / 3)) { php_error_docref(NULL, E_WARNING, "Length is too large to safely generate"); return FAILURE; } raw_length = length * 3 / 4 + 1; buffer = (char *) safe_emalloc(raw_length, 1, 1); if (FAILURE == php_random_bytes_silent(buffer, raw_length)) { php_error_docref(NULL, E_WARNING, "Unable to generate salt"); efree(buffer); return FAILURE; } result = safe_emalloc(length, 1, 1); if (php_password_salt_to64(buffer, raw_length, length, result) == FAILURE) { php_error_docref(NULL, E_WARNING, "Generated salt too short"); efree(buffer); efree(result); return FAILURE; } memcpy(ret, result, length); efree(result); efree(buffer); ret[length] = 0; return SUCCESS; }
static zend_string* php_password_make_salt(size_t length) /* {{{ */ { zend_string *ret, *buffer; if (length > (INT_MAX / 3)) { php_error_docref(NULL, E_WARNING, "Length is too large to safely generate"); return NULL; } buffer = zend_string_alloc(length * 3 / 4 + 1, 0); if (FAILURE == php_random_bytes_silent(ZSTR_VAL(buffer), ZSTR_LEN(buffer))) { php_error_docref(NULL, E_WARNING, "Unable to generate salt"); zend_string_release(buffer); return NULL; } ret = zend_string_alloc(length, 0); if (php_password_salt_to64(ZSTR_VAL(buffer), ZSTR_LEN(buffer), length, ZSTR_VAL(ret)) == FAILURE) { php_error_docref(NULL, E_WARNING, "Generated salt too short"); zend_string_release(buffer); zend_string_release(ret); return NULL; } zend_string_release(buffer); ZSTR_VAL(ret)[length] = 0; return ret; }