On Tue, Nov 10, 2009 at 2:25 AM, Robert Millan <r...@aybabtu.com> wrote: > On Mon, Nov 09, 2009 at 07:15:48PM +0100, Vladimir 'phcoder' Serbinenko wrote: >> Robert Millan wrote: >> > >> > Actually, modern CPUs are very complex and the number of operations (or >> > time taken by them) isn't easy to predict. >> > >> > >> It's generally a good practice to do exactly same operations >> independently of result just store the result in a separate variable >> it's how RSA is correctly implemented >> >> for (n = grub_strlen (s1); n >= 0; n--) >> { >> if (*s1 != *s2) >> ret |= 1; >> else >> ret |= 0; > > Uhm I didn't check, but I'd suspect -Os would optimize this out. > > Anyhow, if we move the fixed time wait to the outer loop, it should no > longer be a problem. > > We could also check the approach taken by e.g. su from coreutils.
Hi, How about this one: int grub_auth_strcmp (const char *s1, const char *s2) { int result = 0; for (; *s1 != 0; s1++, s2++) result += (*s1 != *s2); return (result != 0); } -- Bean My repository: https://launchpad.net/burg Document: https://help.ubuntu.com/community/Burg _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel