On Tue, Nov 10, 2009 at 2:25 AM, Robert Millan <[email protected]> wrote:
> On Mon, Nov 09, 2009 at 07:15:48PM +0100, Vladimir 'phcoder' Serbinenko wrote:
>> Robert Millan wrote:
>> >
>> > Actually, modern CPUs are very complex and the number of operations (or
>> > time taken by them) isn't easy to predict.
>> >
>> >
>> It's generally a good practice to do exactly same operations
>> independently of result just store the result in a separate variable
>> it's how RSA is correctly implemented
>>
>> for (n = grub_strlen (s1); n >= 0; n--)
>> {
>> if (*s1 != *s2)
>> ret |= 1;
>> else
>> ret |= 0;
>
> Uhm I didn't check, but I'd suspect -Os would optimize this out.
>
> Anyhow, if we move the fixed time wait to the outer loop, it should no
> longer be a problem.
>
> We could also check the approach taken by e.g. su from coreutils.
Hi,
How about this one:
int
grub_auth_strcmp (const char *s1, const char *s2)
{
int result = 0;
for (; *s1 != 0; s1++, s2++)
result += (*s1 != *s2);
return (result != 0);
}
--
Bean
My repository: https://launchpad.net/burg
Document: https://help.ubuntu.com/community/Burg
_______________________________________________
Grub-devel mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/grub-devel
