mirrors/php-src
0
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-11-23 09:54:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix comment for php_safe_bcmp (#10306)

Browse Source 
* main: Fix comment for php_safe_bcmp

* main: Include note about php_safe_bcmp being security sensitive

This is taken from the implementation of `hash_equals()`.
This commit is contained in:
Tim Düsterhus 2023-01-12 23:30:36 +01:00 committed by GitHub
parent 884e8a970a
commit fd7214436a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
main/safe_bcmp.c
View File

@ -19,7 +19,7 @@
#include <string.h>
/*
* Returns 0 if both inputs match, 1 if they don't.
* Returns 0 if both inputs match, non-zero if they don't.
* Returns -1 early if inputs do not have the same lengths.
*
*/
@ -34,6 +34,7 @@ PHPAPI int php_safe_bcmp(const zend_string *a, const zend_string *b)
return -1;
}
/* This is security sensitive code. Do not optimize this for speed. */
while (i < ZSTR_LEN(a)) {
r |= ua[i] ^ ub[i];
++i;