summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/sp_cookie_encryption.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/sp_cookie_encryption.c b/src/sp_cookie_encryption.c
index ad8438a..a47f6e1 100644
--- a/src/sp_cookie_encryption.c
+++ b/src/sp_cookie_encryption.c
@@ -61,14 +61,14 @@ int decrypt_cookie(zval *pDest, int num_args, va_list args,
61 61
62 debase64 = php_base64_decode((unsigned char *)(Z_STRVAL_P(pDest)), value_len); 62 debase64 = php_base64_decode((unsigned char *)(Z_STRVAL_P(pDest)), value_len);
63 63
64 if (value_len < 64 if (ZSTR_LEN(debase64) <
65 crypto_secretbox_NONCEBYTES + crypto_secretbox_ZEROBYTES) { 65 crypto_secretbox_NONCEBYTES + crypto_secretbox_ZEROBYTES) {
66 sp_log_msg("cookie_encryption", SP_LOG_DROP, 66 sp_log_msg("cookie_encryption", SP_LOG_DROP,
67 "Buffer underflow tentative detected in cookie encryption handling."); 67 "Buffer underflow tentative detected in cookie encryption handling.");
68 return ZEND_HASH_APPLY_REMOVE; 68 return ZEND_HASH_APPLY_REMOVE;
69 } 69 }
70 70
71 decrypted = pecalloc(value_len, 1, 0); 71 decrypted = pecalloc(ZSTR_LEN(debase64), 1, 0);
72 72
73 ret = crypto_secretbox_open( 73 ret = crypto_secretbox_open(
74 decrypted, 74 decrypted,