Fix GH-12186: segfault copying/cloning a finalized HashContext

Closes GH-12186.
Closes GH-12187.

Fix hash_pbkdf2 options parameter

The value needs to be initialized to NULL as it is optional. Furthermore, the
parameter was completely missing in the stub signature.

Closes GH

Fix hash_pbkdf2 options parameter

The value needs to be initialized to NULL as it is optional. Furthermore, the
parameter was completely missing in the stub signature.

Closes GH-11731

show more ...

Fix GH-11180: hash_file() appears to be restricted to 3 arguments

Closes GH-11198.

Fix GH-8329 Print true/false instead of bool in error and debug messages (#8385)

Remove unnecessary usage of CONST_CS

Closes GH-9685.

Introduction of timing attack safe bcmp implementation.

Nothing new but to refactor usage b/w hash and password
extensions but using volatile pointers to be a bit safer,
allowing to

Introduction of timing attack safe bcmp implementation.

Nothing new but to refactor usage b/w hash and password
extensions but using volatile pointers to be a bit safer,
allowing to expand its usage eventually.

show more ...

Mark parameter in ext/hash as sensitive

Add support for sensitive parameters in stubs

Declare HASH_HMAC in stubs

Merge branch 'PHP-8.1'

* PHP-8.1:
Fix #81714: segfault when serializing finalized HashContext

Merge branch 'PHP-8.0' into PHP-8.1

* PHP-8.0:
Fix #81714: segfault when serializing finalized HashContext

Fix #81714: segfault when serializing finalized HashContext

We must not allow to serialize already finalized `HashContext`s, since
the internal context is already freed. Since there is

Fix #81714: segfault when serializing finalized HashContext

We must not allow to serialize already finalized `HashContext`s, since
the internal context is already freed. Since there is not much point
in serializing finalized `HashContext`s, we just bail out in that case.

Closes GH-8265.

show more ...

Use more compact representation for packed arrays.

- for packed arrays we store just an array of zvals without keys.
- the elements of packed array are accessible throuf as ht->arPacked[

Use more compact representation for packed arrays.

- for packed arrays we store just an array of zvals without keys.
- the elements of packed array are accessible throuf as ht->arPacked[i]
instead of ht->arData[i]
- in addition to general ZEND_HASH_FOREACH_* macros, we introduced similar
familied for packed (ZEND_HASH_PACKED_FORECH_*) and real hashes
(ZEND_HASH_MAP_FOREACH_*)
- introduced an additional family of macros to access elements of array
(packed or real hashes) ZEND_ARRAY_ELEMET_SIZE, ZEND_ARRAY_ELEMET_EX,
ZEND_ARRAY_ELEMET, ZEND_ARRAY_NEXT_ELEMENT, ZEND_ARRAY_PREV_ELEMENT
- zend_hash_minmax() prototype was changed to compare only values

Because of smaller data set, this patch may show performance improvement
on some apps and benchmarks that use packed arrays. (~1% on PHP-Parser)

TODO:
- sapi/phpdbg needs special support for packed arrays (WATCH_ON_BUCKET).
- zend_hash_sort_ex() may require converting packed arrays to hash.

show more ...

Use free_obj handler in HashContext

Instead of dtor_obj.

Update http->https in license (#6945)

1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as

Update http->https in license (#6945)

1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as 3.0 states "php 5.1.1, 4.1.1, and earlier".
3. In some license comments is "at through the world-wide-web" while most is without "at", so deleted.
4. fixed indentation in some files before |

show more ...

Generate class entries from stubs for another batch of extensions

Closes GH-6669

Replace zend_bool uses with bool

We're starting to see a mix between uses of zend_bool and bool.
Replace all usages with the standard bool type everywhere.

Of course, zend_bool

Replace zend_bool uses with bool

We're starting to see a mix between uses of zend_bool and bool.
Replace all usages with the standard bool type everywhere.

Of course, zend_bool is retained as an alias.

show more ...

hash: Implement xxHash

The implementation bundles the xxHash v0.8.0 release and includes all the variants

- xxh32, 32-bit wide
- xxh64, 64-bit wide
- xxh3, 64-bit wide
-

hash: Implement xxHash

The implementation bundles the xxHash v0.8.0 release and includes all the variants

- xxh32, 32-bit wide
- xxh64, 64-bit wide
- xxh3, 64-bit wide
- xxh128, 128-bit wide

An initial hash state can be passed through the options arrray. An additional
functionality not targeted in this implementation is the secret support in xxh3
and xxh128. That can be added at a later point.

The serialization for xxh3 and xxh128 should not be implemented, as the
state would contain the secret. Despite the xxHash is a non crypto
algorithm, the secret would be serialized as plain text which would be
insecure.

Closes GH-6524

Signed-off-by: Anatol Belski <ab@php.net>

show more ...

hash: Support custom algo parameters

The concrete need on this change is to support passing an initial seed
to the murmur hash. Passing a custom seed is important in terms of
randomi

hash: Support custom algo parameters

The concrete need on this change is to support passing an initial seed
to the murmur hash. Passing a custom seed is important in terms of
randomizing the hash function.

The suggested implementation adds a HashTable parameter to all the
init callbacks. Further on, an array with custom arguments is accepted
from `hash` or `hash_init` from the user land. Currently several things
like `hash_hkdf` are not touched, as they don't need passing custom
args.

Some convenience macros have been added to the SHA/MD families of
functions, so the consuming code doesn't have to be changed widely.

Another way to implement this is to add another type of the init that
would accept a HT with arguments. However, that would still require
touching all the context structs in all the algos. That would also
increase the size of those structs. As an init function is called just
once, the way of modifying the existing init callback has been seen
as more preferrable.

Closes GH-6400.

Signed-off-by: Anatol Belski <ab@php.net>
Co-Developed-by: Nikita Popov <nikita.ppv@googlemail.com>
Signed-off-by: Nikita Popov <nikita.ppv@googlemail.com>
Acked-by: Michael Wallner <mike@php.net>
Reviewed-by: Máté Kocsis <kocsismate@woohoolabs.com>
Reviewed-by: Eddie Kohler <ekohler@gmail.com>

show more ...

hash: Add MurmurHash3 with streaming support

The implementation is based on the upstream PMurHash. The following
variants are implemented

- murmur3a, 32-bit hash
- murmur3c,

hash: Add MurmurHash3 with streaming support

The implementation is based on the upstream PMurHash. The following
variants are implemented

- murmur3a, 32-bit hash
- murmur3c, 128-bit hash for x86
- murmur3f, 128-bit hash for x64

The custom seed support is not targeted by this implementation. It will
need a major change to the API, so then custom arguments can be passed
through `hash_init`. For now, the starting hash is always zero.

Fixes bug #68109, closes #6059

Signed-off-by: Anatol Belski <ab@php.net>
Co-Developed-by: Michael Wallner <mike@php.net>
Signed-off-by: Michael Wallner <mike@php.net>

show more ...

Make null byte error a ValueError

Currently we treat paths with null bytes as a TypeError, which is
incorrect, and rather inconsistent, as we treat empty paths as
ValueError. We do t

Make null byte error a ValueError

Currently we treat paths with null bytes as a TypeError, which is
incorrect, and rather inconsistent, as we treat empty paths as
ValueError. We do this because the error is generated by zpp and
it's easier to always throw TypeError there.

This changes the zpp implementation to throw a TypeError only if
the type is actually wrong and throw ValueError for null bytes.
The error message is also split accordingly, to be more precise.

Closes GH-6094.

show more ...

Fixed memory leak (ext/hash/tests/mhash_001.phpt failure)

Fix ZPP for mhash()

Closes GH-5985

Remove proto comments from C files

Closes GH-5758

Make HashContexts serializable.

* Modify php_hash_ops to contain the algorithm name and
serialize and unserialize methods.

* Implement __serialize and __unserialize magic meth

Make HashContexts serializable.

* Modify php_hash_ops to contain the algorithm name and
serialize and unserialize methods.

* Implement __serialize and __unserialize magic methods on
HashContext.

Note that serialized HashContexts are not necessarily portable
between PHP versions or from architecture to architecture.
(Most are, though Keccak and slow SHA3s are not.)

An exception is thrown when an unsupported serialization is
attempted.

Because of security concerns, HASH_HMAC contexts are not
currently serializable; attempting to serialize one throws
an exception.

Serialization exposes the state of HashContext memory, so ensure
that memory is zeroed before use by allocating it with a new
php_hash_alloc_context function. Performance impact is
negligible.

Some hash internal states have logical pointers into a buffer,
or sponge, that absorbs input provided in bytes rather than
chunks. The unserialize functions for these hash functions
must validate that the logical pointers are all within bounds,
lest future hash operations cause out-of-bounds memory accesses.

* Adler32, CRC32, FNV, joaat: simple state, no buffer positions
* Gost, MD2, SHA3, Snefru, Tiger, Whirlpool: buffer positions
must be validated
* MD4, MD5, SHA1, SHA2, haval, ripemd: buffer positions encoded
bitwise, forced to within bounds on use; no need to validate

show more ...