|
From: | Darron Black |
Subject: | Re: Imminent bugfix release (1.97.1) |
Date: | Mon, 09 Nov 2009 17:56:08 -0600 |
User-agent: | Thunderbird 2.0.0.23 (X11/20090817) |
address@hidden wrote:
Yeah, sorry. That'd be a slightly larger security hole, eh? I meant to just show the "acc |= (*s1 ^ *s2);" line, but I decided to throw the rest in for context and didn't really check it. I noticed that just AFTER sending.Hello, I'd be concerned about (s1 != s2). Depending on how efficiently this compiles, could not branch prediction make this faster for match vs. not match, etc?. I'd be worried about all the ways (and future ways) compilers might help us and introduce time differences.I was avoiding suggesting new conditionals for that reason, but didn't see the one already there. Good find.I'd feel most comfortable with the time delay, but why not stick to complete artithmetic?I agree. But I think you've inverted the return value (strcmp returns 0 on perfect match).
int i; int acc = 0; for(i=0;i<MAX_LEN;i++,s1++,s2++) { acc |= (*s1 ^ *s2); if (*s1 == 0) break; } return (acc == 0); Also, these strcmp functions don't properly return < or >. Just = / !=. However, my context being so new is quite limited. Darron _______________________________________________ Grub-devel mailing list address@hidden http://lists.gnu.org/mailman/listinfo/grub-devel_______________________________________________ Grub-devel mailing list address@hidden http://lists.gnu.org/mailman/listinfo/grub-devel
[Prev in Thread] | Current Thread | [Next in Thread] |