Mercurial > urweb

diff src/c/urweb.c @ 1512:dcc8abbc6dfd

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Change cookie signature comparison to resist timing attacks (based on code suggested by Robin Green and Austin Seipp)
author Adam Chlipala <adam@chlipala.net>
date Tue, 19 Jul 2011 09:18:50 -0400
parents 7f8ddcf12b20
children 3c0803c1acd7
line wrap: on
line diff
--- a/src/c/urweb.c	Sun Jul 17 14:49:52 2011 -0400
+++ b/src/c/urweb.c	Tue Jul 19 09:18:50 2011 -0400
@@ -3455,6 +3455,23 @@
   return r;
 }
 
+/* This bit of crafty code is intended to prevent GCC from performing
+ * optimizations that would enable timing attacks.  See:
+ *   http://www.impredicative.com/pipermail/ur/2011-July/000659.html
+ */
+int uw_streq(uw_Basis_string s1, uw_Basis_string s2) {
+  int i, x = 0, len1 = strlen(s1);
+
+  if (len1 != strlen(s2)) return 0;
+
+  for (i = 0; i < len1; ++i) {
+        __asm__ __volatile__ ("");
+        x |= s1[i] ^ s2[i];
+  }
+
+  return x == 0;
+}
+
 uw_Basis_string uw_Basis_sigString(uw_context ctx, uw_unit u) {
   return ctx->app->cookie_sig(ctx);
 }