Remove deprecated DES fallback in crypt()

nikic · nikic · commit d579b10c84d9 · 2020-06-24T12:57:04.000+02:00
diff --git a/UPGRADING b/UPGRADING
@@ -437,6 +437,9 @@ PHP 8.0 UPGRADE NOTES
     respect the inherited locale without an explicit setlocale() call. An
     explicit setlocale() call is now always required if you wish to change any
     locale component from the default.
+  . Remove deprecated DES fallback in crypt(). If an unknown salt format is
+    passed to crypt(), the function will fail with *0 instead of falling back
+    to a weak DES hash now.
 
 - Sysvmsg:
   . msg_get_queue() will now return an SysvMessageQueue object rather than a
diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c
@@ -51,9 +51,6 @@
 /* Used to check DES salts to ensure that they contain only valid characters */
 #define IS_VALID_SALT_CHARACTER(c) (((c) >= '.' && (c) <= '9') || ((c) >= 'A' && (c) <= 'Z') || ((c) >= 'a' && (c) <= 'z'))
 
-#define DES_INVALID_SALT_ERROR "Supplied salt is not valid for DES. Possible bug in provided salt format."
-
-
 PHP_MINIT_FUNCTION(crypt) /* {{{ */
 {
 	REGISTER_LONG_CONSTANT("CRYPT_SALT_LENGTH", PHP_MAX_SALT_LEN, CONST_CS | CONST_PERSISTENT);
@@ -163,20 +160,9 @@ PHPAPI zend_string *php_crypt(const char *password, const int pass_len, const ch
 				ZEND_SECURE_ZERO(output, PHP_MAX_SALT_LEN + 1);
 				return result;
 			}
-		} else {
+		} else if (salt[0] == '_'
+				|| (IS_VALID_SALT_CHARACTER(salt[0]) && IS_VALID_SALT_CHARACTER(salt[1]))) {
 			/* DES Fallback */
-
-			/* Only check the salt if it's not EXT_DES */
-			if (salt[0] != '_') {
-				/* DES style hashes */
-				if (!IS_VALID_SALT_CHARACTER(salt[0]) || !IS_VALID_SALT_CHARACTER(salt[1])) {
-					if (!quiet) {
-						/* error consistently about invalid DES fallbacks */
-						php_error_docref(NULL, E_DEPRECATED, DES_INVALID_SALT_ERROR);
-					}
-				}
-			}
-
 			memset(&buffer, 0, sizeof(buffer));
 			_crypt_extended_init_r();
 
@@ -187,17 +173,13 @@ PHPAPI zend_string *php_crypt(const char *password, const int pass_len, const ch
 				result = zend_string_init(crypt_res, strlen(crypt_res), 0);
 				return result;
 			}
+		} else {
+			/* Unknown hash type */
+			return NULL;
 		}
 	}
 #else
 
-	if (salt[0] != '$' && salt[0] != '_' && (!IS_VALID_SALT_CHARACTER(salt[0]) || !IS_VALID_SALT_CHARACTER(salt[1]))) {
-		if (!quiet) {
-			/* error consistently about invalid DES fallbacks */
-			php_error_docref(NULL, E_DEPRECATED, DES_INVALID_SALT_ERROR);
-		}
-	}
-
 # if defined(HAVE_CRYPT_R) && (defined(_REENTRANT) || defined(_THREAD_SAFE))
 	{
 #  if defined(CRYPT_R_STRUCT_CRYPT_DATA)
diff --git a/ext/standard/tests/crypt/des_fallback_invalid_salt.phpt b/ext/standard/tests/crypt/des_fallback_invalid_salt.phpt
@@ -7,9 +7,6 @@ var_dump(crypt("test", "$#"));
 var_dump(crypt("test", "$5zd$01"));
 
 ?>
---EXPECTF--
-Deprecated: crypt(): Supplied salt is not valid for DES. Possible bug in provided salt format. in %s on line %d
-string(13) "$#8MWASl5pGIk"
-
-Deprecated: crypt(): Supplied salt is not valid for DES. Possible bug in provided salt format. in %s on line %d
-string(13) "$54mkQyGCLvHs"
+--EXPECT--
+string(2) "*0"
+string(2) "*0"
