Message 162761 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	christian.heimes
Recipients	arigo, christian.heimes, fijall, hynek
Date	2012-06-14.09:19:26
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1339665568.1.0.630481869134.issue15061@psf.upfronthosting.co.za>
In-reply-to

Content
I don't see how the function is going to leak this information when both this patch and the patch in #14955 are applied. With http://bugs.python.org/file25801/secure-compare-fix-v2.patch ord() is no longer used and thus avoid the timing difference for integers > 256 (NSMALLPOSINTS is defined as 257, not 100).

I don't see how the function is going to leak this information when both this patch and the patch in #14955 are applied. With http://bugs.python.org/file25801/secure-compare-fix-v2.patch ord() is no longer used and thus avoid the timing difference for integers > 256 (NSMALLPOSINTS is defined as 257, not 100).

History
Date	User	Action	Args
2012-06-14 09:19:28	christian.heimes	set	recipients: + christian.heimes, arigo, fijall, hynek
2012-06-14 09:19:28	christian.heimes	set	messageid: <1339665568.1.0.630481869134.issue15061@psf.upfronthosting.co.za>
2012-06-14 09:19:27	christian.heimes	link	issue15061 messages
2012-06-14 09:19:26	christian.heimes	create