Edit report at https://bugs.php.net/bug.php?id=61098&edit=1
 ID:                 61098
 Updated by:         ras...@php.net
 Reported by:        naryndel at hotmail dot com
 Summary:            crypt() hangs when using Blowfish salt with SHA512 hash
-Status:             Open
+Status:             Analyzed
 Type:               Bug
 Package:            *Encryption and hash functions
 Operating System:   RedHat Linux
 PHP Version:        5.3.10
 Block user comment: N
 Private report:     N

 New Comment:

Confirmed, this gets stuck in standard/crypt_blowfish.c because of this:

691             count = (BF_word)1 << ((setting[4] - '0') * 10 + (setting[5] - '0'));
(gdb) p count
$1 = 2147483648
(gdb) p setting[4]
$2 = 51 '3'
(gdb) p setting[5]
$3 = 49 '1'
(gdb) p ((setting[4] - '0') * 10 + (setting[5] - '0'))
$4 = 31

And then there is a while(--count) loop further on that is thus going to take a long time to complete.

Previous Comments:
------------------------------------------------------------------------
[2012-02-15 20:06:01] naryndel at hotmail dot com

Description:
------------
My hosting company recently upgraded from PHP 5.2.x to PHP 5.3.1. Using crypt() with a salt following the CRYPT_BLOWFISH format (as shown on http://ca.php.net/manual/en/function.crypt.php) the script will hang and timeout. Previous to the upgrade the function would process successfully without warning or error.

A call to hash_algos() does list "Blowfish" as a registered hashing algorithm.

On the documentation page for crypt(), the following note is stated:

"As of PHP 5.3.0, PHP contains its own implementation and will use that if the system lacks of support for one or more of the algorithms."

So rather than hanging PHP is expected to use an internal algorithm in place where Blowfish is apparently not supported on the server.

This was further tested by using a sha512-formatted salt for the 2nd argument (sha512 is listed in the result provided by hash_algos()), which processes successfully. Also by calling crypt() using the Blowfish salt and attempting with the 1st argument processed using the hash() function and without - both instances cause the script to hang as well.

Test script:
---------------
crypt(hash("sha512","something"),'$2a$31$developer./.excellence$');

Expected result:
----------------
The expected result would be an encrypted string using an internal PHP algorithm as described within the PHP documentation for the crypt() function.

Actual result:
--------------
The actual result is that the script will hang until the maximum process time on the server is exceeded and the script times out, giving the following error message:

[warn] mod_fcgid: stderr: PHP Fatal error:  Maximum execution time of 30 seconds exceeded in [script path] on line 30

------------------------------------------------------------------------

--
Edit this bug report at https://bugs.php.net/bug.php?id=61098&edit=1
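
An added example, not part of the bug report or of PHP's source: a pre-check an application could run on a bcrypt setting string before handing it to crypt(), using the same shift as the quoted line 691 to show the iteration count a given cost implies. The function names and the MAX_ALLOWED_COST ceiling of 14 are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed application policy ceiling; not a PHP or crypt_blowfish constant. */
#define MAX_ALLOWED_COST 14

/* Parse the two-digit cost from a "$2?$NN$..." setting string.
 * Returns the cost (4..31, the range bcrypt defines) or -1 if malformed.
 * The variant letter at setting[2] is not checked here. */
int bcrypt_cost(const char *setting)
{
    if (setting == NULL || strlen(setting) < 7)
        return -1;
    if (setting[0] != '$' || setting[1] != '2' ||
        setting[3] != '$' || setting[6] != '$')
        return -1;
    if (setting[4] < '0' || setting[4] > '9' ||
        setting[5] < '0' || setting[5] > '9')
        return -1;
    int cost = (setting[4] - '0') * 10 + (setting[5] - '0');
    return (cost < 4 || cost > 31) ? -1 : cost;
}

/* Iteration count implied by a cost: 1 << cost, as in the quoted line. */
uint32_t bcrypt_rounds(int cost)
{
    return (uint32_t)1 << cost;
}

/* 1 if the setting is well-formed and within the assumed policy, else 0. */
int bcrypt_setting_acceptable(const char *setting)
{
    int cost = bcrypt_cost(setting);
    return cost >= 0 && cost <= MAX_ALLOWED_COST;
}

int main(void)
{
    /* The setting from the report's test script. */
    const char *reported = "$2a$31$developer./.excellence$";
    int cost = bcrypt_cost(reported);
    printf("cost=%d rounds=%lu acceptable=%d\n", cost,
           (unsigned long)bcrypt_rounds(cost),
           bcrypt_setting_acceptable(reported));
    return 0;
}
```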