Use integer arithmetic for PBKDF2 length calculations

gregharmon · gregharmon · commit 1e94d0ba9282 · 2026-02-09T17:09:28.000-05:00
diff --git a/ext/hash/hash.c b/ext/hash/hash.c
@@ -19,7 +19,6 @@
 #include <config.h>
 #endif
 
-#include <math.h>
 #include "php_hash.h"
 #include "php_hash_sha.h"
 #include "ext/standard/info.h"
@@ -582,10 +581,10 @@ static zend_string *php_hash_pbkdf2_sha256(const char *pass, size_t pass_len, co
 	}
 	digest_length = length;
 	if (!raw_output) {
-		digest_length = (zend_long) ceil((float) length / 2.0);
+		digest_length = (length / 2) + (length % 2);
 	}
 
-	loops = (zend_long) ceil((float) digest_length / (float) digest_size);
+	loops = (digest_length / digest_size) + ((digest_length % digest_size) ? 1 : 0);
 
 	result = safe_emalloc(loops, digest_size, 0);
 
@@ -647,7 +646,7 @@ static zend_string *php_hash_pbkdf2_sha256_commoncrypto(const char *pass, size_t
 		length = raw_output ? 32 : 64;
 	}
 
-	derived_len = raw_output ? length : (zend_long) ceil((float) length / 2.0);
+	derived_len = raw_output ? length : (length / 2) + (length % 2);
 	if (derived_len <= 0) {
 		return NULL;
 	}
@@ -1244,10 +1243,10 @@ PHP_FUNCTION(hash_pbkdf2)
 	}
 	digest_length = length;
 	if (!raw_output) {
-		digest_length = (zend_long) ceil((float) length / 2.0);
+		digest_length = (length / 2) + (length % 2);
 	}
 
-	loops = (zend_long) ceil((float) digest_length / (float) ops->digest_size);
+	loops = (digest_length / ops->digest_size) + ((digest_length % ops->digest_size) ? 1 : 0);
 
 	result = safe_emalloc(loops, ops->digest_size, 0);
 

Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,6 @@`
`19`	`19`	`#include <config.h>`
`20`	`20`	`#endif`
`21`	`21`
`22`		`-#include <math.h>`
`23`	`22`	`#include "php_hash.h"`
`24`	`23`	`#include "php_hash_sha.h"`
`25`	`24`	`#include "ext/standard/info.h"`
`@@ -582,10 +581,10 @@ static zend_string php_hash_pbkdf2_sha256(const char pass, size_t pass_len, co`
`582`	`581`	`}`
`583`	`582`	`digest_length = length;`
`584`	`583`	`if (!raw_output) {`
`585`		`- digest_length = (zend_long) ceil((float) length / 2.0);`
	`584`	`+ digest_length = (length / 2) + (length % 2);`
`586`	`585`	`}`
`587`	`586`
`588`		`- loops = (zend_long) ceil((float) digest_length / (float) digest_size);`
	`587`	`+ loops = (digest_length / digest_size) + ((digest_length % digest_size) ? 1 : 0);`
`589`	`588`
`590`	`589`	`result = safe_emalloc(loops, digest_size, 0);`
`591`	`590`
`@@ -647,7 +646,7 @@ static zend_string php_hash_pbkdf2_sha256_commoncrypto(const char pass, size_t`
`647`	`646`	`length = raw_output ? 32 : 64;`
`648`	`647`	`}`
`649`	`648`
`650`		`- derived_len = raw_output ? length : (zend_long) ceil((float) length / 2.0);`
	`649`	`+ derived_len = raw_output ? length : (length / 2) + (length % 2);`
`651`	`650`	`if (derived_len <= 0) {`
`652`	`651`	`return NULL;`
`653`	`652`	`}`
`@@ -1244,10 +1243,10 @@ PHP_FUNCTION(hash_pbkdf2)`
`1244`	`1243`	`}`
`1245`	`1244`	`digest_length = length;`
`1246`	`1245`	`if (!raw_output) {`
`1247`		`- digest_length = (zend_long) ceil((float) length / 2.0);`
	`1246`	`+ digest_length = (length / 2) + (length % 2);`
`1248`	`1247`	`}`
`1249`	`1248`
`1250`		`- loops = (zend_long) ceil((float) digest_length / (float) ops->digest_size);`
	`1249`	`+ loops = (digest_length / ops->digest_size) + ((digest_length % ops->digest_size) ? 1 : 0);`
`1251`	`1250`
`1252`	`1251`	`result = safe_emalloc(loops, ops->digest_size, 0);`
`1253`	`1252`