@@ -1499,6 +1499,10 @@ PHP_FUNCTION(sodium_crypto_pwhash)
14991499 zend_argument_error (sodium_exception_ce , 1 , "is too large" );
15001500 RETURN_THROWS ();
15011501 }
1502+ if (passwd_len == 0 ) {
1503+ zend_argument_error (sodium_exception_ce , 2 , "cannot be empty" );
1504+ RETURN_THROWS ();
1505+ }
15021506 if (passwd_len >= 0xffffffff ) {
15031507 zend_argument_error (sodium_exception_ce , 2 , "is too long" );
15041508 RETURN_THROWS ();
@@ -1519,9 +1523,6 @@ PHP_FUNCTION(sodium_crypto_pwhash)
15191523 zend_throw_exception (sodium_exception_ce , "unsupported password hashing algorithm" , 0 );
15201524 RETURN_THROWS ();
15211525 }
1522- if (passwd_len <= 0 ) {
1523- zend_error (E_WARNING , "empty password" );
1524- }
15251526 if (salt_len != crypto_pwhash_SALTBYTES ) {
15261527 zend_argument_error (sodium_exception_ce , 3 , "must be SODIUM_CRYPTO_PWHASH_SALTBYTES bytes long" );
15271528 RETURN_THROWS ();
@@ -1574,6 +1575,14 @@ PHP_FUNCTION(sodium_crypto_pwhash_str)
15741575 sodium_remove_param_values_from_backtrace (EG (exception ));
15751576 RETURN_THROWS ();
15761577 }
1578+ if (passwd_len == 0 ) {
1579+ zend_argument_error (sodium_exception_ce , 1 , "cannot be empty" );
1580+ RETURN_THROWS ();
1581+ }
1582+ if (passwd_len >= 0xffffffff ) {
1583+ zend_argument_error (sodium_exception_ce , 1 , "is too long" );
1584+ RETURN_THROWS ();
1585+ }
15771586 if (opslimit <= 0 ) {
15781587 zend_argument_error (sodium_exception_ce , 2 , "must be greater than 0" );
15791588 RETURN_THROWS ();
@@ -1582,13 +1591,6 @@ PHP_FUNCTION(sodium_crypto_pwhash_str)
15821591 zend_argument_error (sodium_exception_ce , 3 , "must be greater than 0" );
15831592 RETURN_THROWS ();
15841593 }
1585- if (passwd_len >= 0xffffffff ) {
1586- zend_argument_error (sodium_exception_ce , 1 , "is too long" );
1587- RETURN_THROWS ();
1588- }
1589- if (passwd_len <= 0 ) {
1590- zend_error (E_WARNING , "empty password" );
1591- }
15921594 if (opslimit < crypto_pwhash_OPSLIMIT_MIN ) {
15931595 zend_argument_error (sodium_exception_ce , 2 , "must be greater than or equal to %d" , crypto_pwhash_OPSLIMIT_MIN );
15941596 }
@@ -1643,13 +1645,14 @@ PHP_FUNCTION(sodium_crypto_pwhash_str_verify)
16431645 sodium_remove_param_values_from_backtrace (EG (exception ));
16441646 RETURN_THROWS ();
16451647 }
1648+ if (passwd_len == 0 ) {
1649+ zend_argument_error (sodium_exception_ce , 2 , "cannot be empty" );
1650+ RETURN_THROWS ();
1651+ }
16461652 if (passwd_len >= 0xffffffff ) {
16471653 zend_argument_error (sodium_exception_ce , 2 , "is too long" );
16481654 RETURN_THROWS ();
16491655 }
1650- if (passwd_len <= 0 ) {
1651- zend_error (E_WARNING , "empty password" );
1652- }
16531656 if (crypto_pwhash_str_verify
16541657 (hash_str , passwd , (unsigned long long ) passwd_len ) == 0 ) {
16551658 RETURN_TRUE ;
@@ -1682,6 +1685,10 @@ PHP_FUNCTION(sodium_crypto_pwhash_scryptsalsa208sha256)
16821685 zend_argument_error (sodium_exception_ce , 1 , "must be greater than 0" );
16831686 RETURN_THROWS ();
16841687 }
1688+ if (passwd_len == 0 ) {
1689+ zend_argument_error (sodium_exception_ce , 2 , "cannot be empty" );
1690+ RETURN_THROWS ();
1691+ }
16851692 if (opslimit <= 0 ) {
16861693 zend_argument_error (sodium_exception_ce , 4 , "must be greater than 0" );
16871694 RETURN_THROWS ();
@@ -1690,9 +1697,6 @@ PHP_FUNCTION(sodium_crypto_pwhash_scryptsalsa208sha256)
16901697 zend_argument_error (sodium_exception_ce , 5 , "must be greater than 0" );
16911698 RETURN_THROWS ();
16921699 }
1693- if (passwd_len <= 0 ) {
1694- zend_error (E_WARNING , "empty password" );
1695- }
16961700 if (salt_len != crypto_pwhash_scryptsalsa208sha256_SALTBYTES ) {
16971701 zend_argument_error (sodium_exception_ce , 3 , "must be SODIUM_CRYPTO_PWHASH_SCRYPTSALSA208SHA256_SALTBYTES bytes long" );
16981702 RETURN_THROWS ();
@@ -1731,6 +1735,10 @@ PHP_FUNCTION(sodium_crypto_pwhash_scryptsalsa208sha256_str)
17311735 sodium_remove_param_values_from_backtrace (EG (exception ));
17321736 RETURN_THROWS ();
17331737 }
1738+ if (passwd_len == 0 ) {
1739+ zend_argument_error (sodium_exception_ce , 1 , "cannot be empty" );
1740+ RETURN_THROWS ();
1741+ }
17341742 if (opslimit <= 0 ) {
17351743 zend_argument_error (sodium_exception_ce , 2 , "must be greater than 0" );
17361744 RETURN_THROWS ();
@@ -1739,9 +1747,6 @@ PHP_FUNCTION(sodium_crypto_pwhash_scryptsalsa208sha256_str)
17391747 zend_argument_error (sodium_exception_ce , 3 , "must be greater than 0" );
17401748 RETURN_THROWS ();
17411749 }
1742- if (passwd_len <= 0 ) {
1743- zend_error (E_WARNING , "empty password" );
1744- }
17451750 if (opslimit < crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE ) {
17461751 zend_argument_error (sodium_exception_ce , 2 , "must be greater than or equal to %d" , crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE );
17471752 }
@@ -1775,8 +1780,9 @@ PHP_FUNCTION(sodium_crypto_pwhash_scryptsalsa208sha256_str_verify)
17751780 sodium_remove_param_values_from_backtrace (EG (exception ));
17761781 RETURN_THROWS ();
17771782 }
1778- if (passwd_len <= 0 ) {
1779- zend_error (E_WARNING , "empty password" );
1783+ if (passwd_len == 0 ) {
1784+ zend_argument_error (sodium_exception_ce , 2 , "cannot be empty" );
1785+ RETURN_THROWS ();
17801786 }
17811787 if (hash_str_len != crypto_pwhash_scryptsalsa208sha256_STRBYTES - 1 ) {
17821788 zend_error (E_WARNING , "wrong size for the hashed password" );
0 commit comments