[tor-dev] memcmp() & co. timing info disclosures?

Chris Palmer chris at eff.org
Sat May 7 05:11:06 UTC 2011


On May 6, 2011, at 8:53 PM, Robert Ransom wrote:

>> int memcmp(const void *m1, const void *m2, size_t n)
>> {
>> /*XXX I don't know if this is even right; I haven't tested it at all */
>>  const uint8_t *b1 = m1, *b2 = m2;
>>  int retval = 0;
>> 
>>  while (n--) {
>>    const uint8_t v1 = b1[n], v2 = b2[n];
>>    int diff = (int)v1 - (int)v2;
>>    retval = (v1 == v2) * retval + diff;
>>  }
>> 
>>  return retval;
>> }
> 
> GCC is likely to turn (v1 == v2) into a backdoor.

Can you explain what you mean?
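
An added example, not part of the original thread and not Tor's code: one way to write the quoted loop so that its result does not depend on how the compiler lowers `(v1 == v2)`. The equality test is replaced by an arithmetic mask, and an equality-only variant is included. The names ct_is_zero_u8, ct_memcmp and ct_memeq are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

/* Returns 1 if x == 0, else 0, using arithmetic only:
 * (x - 1) wraps to 0xFFFFFFFF exactly when x is 0, so bit 31 is the answer. */
static uint32_t ct_is_zero_u8(uint8_t x)
{
    return ((uint32_t)x - 1u) >> 31;
}

/* Same result as the quoted loop: scanning from the last byte down, the
 * final value is b1[i] - b2[i] at the lowest differing index i, or 0. */
int ct_memcmp(const void *m1, const void *m2, size_t n)
{
    const uint8_t *b1 = m1, *b2 = m2;
    int retval = 0;

    while (n--) {
        const uint8_t v1 = b1[n], v2 = b2[n];
        const int diff = (int)v1 - (int)v2;
        /* keep is all-ones when the bytes are equal, zero otherwise */
        const int keep = -(int)ct_is_zero_u8((uint8_t)(v1 ^ v2));
        /* equal bytes: retval kept, diff is 0; unequal: retval replaced */
        retval = (retval & keep) + diff;
    }
    return retval;
}

/* Equality only: OR together the XOR of every byte pair, then test for
 * zero once at the end. Returns 1 if the buffers match, 0 otherwise. */
int ct_memeq(const void *m1, const void *m2, size_t n)
{
    const uint8_t *b1 = m1, *b2 = m2;
    uint8_t acc = 0;

    for (size_t i = 0; i < n; i++)
        acc |= (uint8_t)(b1[i] ^ b2[i]);
    return (int)ct_is_zero_u8(acc);
}
```

C makes no promise about the instructions a compiler emits for this either, so the generated assembly still has to be checked for each target and optimisation level.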

