]> git.ipfire.org Git - thirdparty/curl.git/commit
projects / thirdparty / curl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b90f857) | patch
strcase: add and use Curl_timestrcmp
authorDaniel Stenberg <daniel@haxx.se>
Wed, 5 Oct 2022 22:49:10 +0000 (00:49 +0200)
committerDaniel Stenberg <daniel@haxx.se>
Sat, 8 Oct 2022 09:50:47 +0000 (11:50 +0200)
commited5095ed94281989e103c72e032200b83be37878
tree82e843cf7fd9f863da7d1cf076a89d74c223cae7tree
parentb90f857fabe629158db71e973270c1c964dcebc0commit | diff
strcase: add and use Curl_timestrcmp

This is a strcmp() alternative function for comparing "secrets",
designed to take the same time no matter the content to not leak
match/non-match info to observers based on how fast it is.

The time this function takes is only a function of the shortest input
string.

Reported-by: Trail of Bits
Closes #9658
lib/netrc.c diff | blob | blame | history
lib/strcase.c diff | blob | blame | history
lib/strcase.h diff | blob | blame | history
lib/url.c diff | blob | blame | history
lib/vauth/digest_sspi.c diff | blob | blame | history
lib/vtls/vtls.c diff | blob | blame | history
Mirror of https://github.com/curl/curl.git