diff options
| author | Nick Mathewson <nickm@torproject.org> | 2011-05-11 16:23:42 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2011-05-11 16:24:29 -0400 |
| commit | 44ad73457303ed0bf80f6c4c645a62e03b42149b (patch) | |
| tree | a7aeb75625c0643b7c2434dc4c57beecd87e8826 /src/common/util.c | |
| parent | 7206d784dc3def970d5bd8618242f7b9c9c71e37 (diff) | |
| parent | 59f9097d5c3dc010847c359888d31757d1c97904 (diff) | |
| download | tor-44ad73457303ed0bf80f6c4c645a62e03b42149b.tar.gz tor-44ad73457303ed0bf80f6c4c645a62e03b42149b.zip | |
Merge remote-tracking branch 'public/3122_memcmp_squashed' into bug3122_memcmp_022
Conflicts throughout. All resolved in favor of taking HEAD and
adding tor_mem* or fast_mem* ops as appropriate.
src/common/Makefile.am
src/or/circuitbuild.c
src/or/directory.c
src/or/dirserv.c
src/or/dirvote.c
src/or/networkstatus.c
src/or/rendclient.c
src/or/rendservice.c
src/or/router.c
src/or/routerlist.c
src/or/routerparse.c
src/or/test.c
Diffstat (limited to 'src/common/util.c')
| -rw-r--r-- | src/common/util.c | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/src/common/util.c b/src/common/util.c index 38c0ad05e6..86f4141674 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -515,7 +515,7 @@ strcmp_len(const char *s1, const char *s2, size_t s1_len) return -1; if (s1_len > s2_len) return 1; - return memcmp(s1, s2, s2_len); + return fast_memcmp(s1, s2, s2_len); } /** Compares the first strlen(s2) characters of s1 with s2. Returns as for @@ -557,17 +557,17 @@ strcasecmpend(const char *s1, const char *s2) /** Compare the value of the string <b>prefix</b> with the start of the * <b>memlen</b>-byte memory chunk at <b>mem</b>. Return as for strcmp. * - * [As memcmp(mem, prefix, strlen(prefix)) but returns -1 if memlen is less - * than strlen(prefix).] + * [As fast_memcmp(mem, prefix, strlen(prefix)) but returns -1 if memlen is + * less than strlen(prefix).] */ int -memcmpstart(const void *mem, size_t memlen, +fast_memcmpstart(const void *mem, size_t memlen, const char *prefix) { size_t plen = strlen(prefix); if (memlen < plen) return -1; - return memcmp(mem, prefix, plen); + return fast_memcmp(mem, prefix, plen); } /** Return a pointer to the first char of s that is not whitespace and @@ -723,14 +723,16 @@ tor_mem_is_zero(const char *mem, size_t len) 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0, }; while (len >= sizeof(ZERO)) { - if (memcmp(mem, ZERO, sizeof(ZERO))) + /* It's safe to use fast_memcmp here, since the very worst thing an + * attacker could learn is how many initial bytes of a secret were zero */ + if (fast_memcmp(mem, ZERO, sizeof(ZERO))) return 0; len -= sizeof(ZERO); mem += sizeof(ZERO); } /* Deal with leftover bytes. */ if (len) - return ! memcmp(mem, ZERO, len); + return fast_memeq(mem, ZERO, len); return 1; } @@ -739,7 +741,10 @@ tor_mem_is_zero(const char *mem, size_t len) int tor_digest_is_zero(const char *digest) { - return tor_mem_is_zero(digest, DIGEST_LEN); + static const uint8_t ZERO_DIGEST[] = { + 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0 + }; + return tor_memeq(digest, ZERO_DIGEST, DIGEST_LEN); } /** Return true iff the DIGEST256_LEN bytes in digest are all zero. */ |