[wp-trac] [WordPress Trac] #32778: hash_equals() does not compare strings in constant time
WordPress Trac
noreply at wordpress.org
Sun Dec 6 22:03:43 UTC 2015
#32778: hash_equals() does not compare strings in constant time
--------------------------+-----------------------------
Reporter: nbachiyski | Owner: nbachiyski
Type: defect (bug) | Status: closed
Priority: normal | Milestone: Future Release
Component: General | Version: 3.9.2
Severity: normal | Resolution: fixed
Keywords: has-patch | Focuses: docs
--------------------------+-----------------------------
Changes (by nbachiyski):
* owner: => nbachiyski
* status: new => closed
* resolution: => fixed
Comment:
In [changeset:"35805"]:
{{{
#!CommitTicketReference repository="" revision="35805"
Docs: clarify inline docs for hash_equals
Before the docs implied the complexity of the function was O(1) by using
the term "constant time", now we use the more descriptive term "Timing
attack safe".
Props AramZS.
Fixes #32778.
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/32778#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list