«
Previous
|
Next
»
Revision 2140
Added by darkviper over 8 years ago
- class SecureTokens::addToken() fixed integer overflow problem on 32bit platforms
| SecureTokens.php | ||
|---|---|---|
| 337 | 337 |
*/ |
| 338 | 338 |
private function addToken($sTokenName, $sValue) |
| 339 | 339 |
{
|
| 340 |
$sTokenName = substr($sTokenName, 0, 16); |
|
| 340 |
// limit TokenName to 16 digits |
|
| 341 |
$sTokenName = substr(str_pad($sTokenName, 16, '0', STR_PAD_LEFT), -16); |
|
| 342 |
// make sure, first digit is a alpha char [a-f] |
|
| 341 | 343 |
$sTokenName[0] = dechex(10 + (hexdec($sTokenName[0]) % 5)); |
| 344 |
// loop as long the generated TokenName already exists in list |
|
| 342 | 345 |
while (isset($this->aTokens[$sTokenName])) {
|
| 343 |
$sTokenName = sprintf('%16x', hexdec($sTokenName)+1);
|
|
| 346 |
// split TokenName into 4 words |
|
| 347 |
$aWords = str_split($sTokenName, 4); |
|
| 348 |
// get lowest word and increment it |
|
| 349 |
$iWord = hexdec($aWords[3]) + 1; |
|
| 350 |
// reformat integer into a 4 digit hex string |
|
| 351 |
$aWords[3] = sprintf('%04x', ($iWord > 0xffff ? 1 : $iWord));
|
|
| 352 |
// rebuild the TokenName |
|
| 353 |
$sTokenName = implode('', $aWords);
|
|
| 344 | 354 |
} |
| 355 |
// store Token in list |
|
| 345 | 356 |
$this->aTokens[$sTokenName] = array( |
| 346 | 357 |
'value' => $sValue, |
| 347 | 358 |
'expire' => $this->iExpireTime, |
Also available in: Unified diff