lib-imap-urlauth: Fix potential timing attack in verifying the token

diff --git a/src/lib-imap-urlauth/imap-urlauth.c b/src/lib-imap-urlauth/imap-urlauth.c
index 58e2810650325ae6868fb68d6d8d177b09a2407f..a9c2673024f568eccb05a5c88daff7cd0995f024 100644 (file)
--- a/src/lib-imap-urlauth/imap-urlauth.c
+++ b/src/lib-imap-urlauth/imap-urlauth.c
@@ -112,10 +112,11 @@ imap_urlauth_internal_verify(const char *rumpurl,
 
        valtoken = imap_urlauth_internal_generate(rumpurl, mailbox_key,
                                                  &valtoken_len);
+       /* Note: the token length has timing leak here in any case */
        if (token_len != valtoken_len)
                return FALSE;
 
-       return memcmp(token, valtoken, valtoken_len) == 0;
+       return mem_equals_timing_safe(token, valtoken, valtoken_len);
 }
 
 static bool