mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-30 21:40:43 +02:00
Code Issues Releases Wiki Activity

Merge branch 'develop-olympus' into develop

Browse Source 
* develop-olympus:
  [prep-release-3.0.12] Update changelog for 3.0.12 release.
  [ticket/11873] Add unit test for large password input.
  [ticket/11873] Do not hash very large passwords in order to safe resources.
This commit is contained in:
Andreas Fischer
2013-09-28 15:02:59 +02:00
parent 08b49203b4 02f9d179e5
commit 787784e083
3 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
phpBB/includes/functions.php
View File

@@ -442,6 +442,13 @@ function phpbb_hash($password)
*/
function phpbb_check_hash($password, $hash)
{
if (strlen($password) > 4096)
{
// If the password is too huge, we will simply reject it
// and not let the server try to hash it.
return false;
}
$itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
if (strlen($hash) == 34)
{