This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author christian.heimes
Recipients christian.heimes
Date 2012-06-13.23:00:23
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1339628424.5.0.00054113371222.issue15061@psf.upfronthosting.co.za>
In-reply-to
Content
The secure_compare() function immediately returns False when both strings don't have equal length. With the patch the run time of secure_compare() always depends on the length of the right side. It no longer gives away information about the length of the left side.

The patch should be applied in combination with the patch in issue #14955.
History
Date User Action Args
2012-06-13 23:00:24christian.heimessetrecipients: + christian.heimes
2012-06-13 23:00:24christian.heimessetmessageid: <1339628424.5.0.00054113371222.issue15061@psf.upfronthosting.co.za>
2012-06-13 23:00:23christian.heimeslinkissue15061 messages
2012-06-13 23:00:23christian.heimescreate