Closed GoogleCodeExporter closed 9 years ago
Can you be more specific on how you replaced 'strdup' and 'strcpy' with malloc
please?
Original comment by rbfuente...@gmail.com
on 14 May 2012 at 5:10
To clear any possible misunderstandings, I replaced "strdup" with "malloc and
strcpy". I did not replace "'strdup' and 'strcpy' with malloc". Here is the new
method...
static PyObject *
bcrypt_hashpw(PyObject *self, PyObject *args, PyObject *kw_args)
{
static char *keywords[] = { "password", "salt", NULL };
char *password = NULL, *salt = NULL;
char *ret;
if (!PyArg_ParseTupleAndKeywords(args, kw_args, "ss:hashpw", keywords,
&password, &salt))
return NULL;
char *password_copy = malloc (strlen (password) + 1);
if (password_copy == NULL) return NULL;
strcpy(password_copy, password);
char *salt_copy = malloc (strlen (salt) + 1);
if (salt_copy == NULL) return NULL;
strcpy(salt_copy, salt);
Py_BEGIN_ALLOW_THREADS;
ret = pybc_bcrypt(password_copy, salt_copy);
Py_END_ALLOW_THREADS;
free(password_copy);
free(salt_copy);
if ((ret == NULL) ||
strcmp(ret, ":") == 0) {
PyErr_SetString(PyExc_ValueError, "Invalid salt");
return NULL;
}
return PyString_FromString(ret);
}
Original comment by nag.ra...@gmail.com
on 14 May 2012 at 6:10
There is a simpler alternative to re-implementing strdup.
#if defined(_WIN32)
/* On Windows strdup is deprecated, replaced by the ISO C compliant _strdup. */
#define strdup _strdup
#endif
Original comment by pet...@gmail.com
on 11 Jun 2012 at 1:13
I've removed the strdup calls entirely in the current hg tip as part of
python-3.x support (issue #5). This will be in the forthcoming py-bcrypt-0.4
and is in the hg tree now.
Original comment by d...@djm.net.au
on 27 Jul 2013 at 11:58
Original issue reported on code.google.com by
nagra...@ciena.com
on 31 Oct 2011 at 11:10