summaryrefslogtreecommitdiff
path: root/src/c
diff options
context:
space:
mode:
authorGravatar Adam Chlipala <adam@chlipala.net>2011-07-19 09:18:50 -0400
committerGravatar Adam Chlipala <adam@chlipala.net>2011-07-19 09:18:50 -0400
commitac6fd6218962bf60b86cdfa64b8f7110ffc35ad3 (patch)
tree5a3ddc7abde84b7531e001931b0cf158d78938b5 /src/c
parent0b12664f70f258a5928d051b5e71715b84dd37b6 (diff)
Change cookie signature comparison to resist timing attacks (based on code suggested by Robin Green and Austin Seipp)
Diffstat (limited to 'src/c')
-rw-r--r--src/c/urweb.c17
1 files changed, 17 insertions, 0 deletions
diff --git a/src/c/urweb.c b/src/c/urweb.c
index 238b27e2..4d2de1dd 100644
--- a/src/c/urweb.c
+++ b/src/c/urweb.c
@@ -3455,6 +3455,23 @@ uw_Basis_string uw_Basis_makeSigString(uw_context ctx, uw_Basis_string sig) {
return r;
}
+/* This bit of crafty code is intended to prevent GCC from performing
+ * optimizations that would enable timing attacks. See:
+ * http://www.impredicative.com/pipermail/ur/2011-July/000659.html
+ */
+int uw_streq(uw_Basis_string s1, uw_Basis_string s2) {
+ int i, x = 0, len1 = strlen(s1);
+
+ if (len1 != strlen(s2)) return 0;
+
+ for (i = 0; i < len1; ++i) {
+ __asm__ __volatile__ ("");
+ x |= s1[i] ^ s2[i];
+ }
+
+ return x == 0;
+}
+
uw_Basis_string uw_Basis_sigString(uw_context ctx, uw_unit u) {
return ctx->app->cookie_sig(ctx);
}