scip/pcp
1
0
Fork 0
mirror of https://codeberg.org/scip/pcp.git synced 2025-12-17 03:50:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

using constant time memcmp by C.Meessen

Browse Source
This commit is contained in:
TLINDEN
2015-08-27 11:19:24 +02:00
parent 1b7681ee83
commit bbdda67a6e
9 changed files with 63 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libpcp/vault.c
View File

@@ -522,7 +522,7 @@ int pcpvault_fetchall(PCPCTX *ptx, vault_t *vault) {
if(pcphash_count(ptx) + pcphash_countpub(ptx) > 0) {
/* only validate the checksum if there are keys */
if(memcmp(checksum, vault->checksum, LSHA) != 0) {
if(cst_time_memcmp(checksum, vault->checksum, LSHA) != 0) {
fatal(ptx, "Error: the checksum of the key vault doesn't match its contents!\n");
goto err;
}