Hello,

memcmp(3) does not document the return value for length 0 and the CPU time depending on the number of compared bytes. While both are obvious, it should still be documented.

Michael

--- memcmp.3.orig 2014-11-17 08:53:53.848805576 +0100 +++ memcmp.3 2014-11-17 08:58:39.699005856 +0100 @@ -27,6 +27,7 @@ .\" Lewine's _POSIX Programmer's Guide_ (O'Reilly & Associates, 1991) .\" 386BSD man pages .\" Modified Sat Jul 24 18:55:27 1993 by Rik Faith (faith@xxxxxxxxxx) +.\" Modified Mon Nov 17 07:45:13 2014 by Michael Haardt (michael@xxxxxxxx) .TH MEMCMP 3 2014-03-14 "" "Linux Programmer's Manual" .SH NAME memcmp \- compare memory areas @@ -42,6 +43,11 @@ function compares the first \fIn\fP bytes (each interpreted as .IR "unsigned char" ) of the memory areas \fIs1\fP and \fIs2\fP. +.PP +Do not use +.BR memcmp () +to compare security critical data, such as cryptographic secrets, +because the required CPU time depends on the amount of equal bytes. .SH RETURN VALUE The .BR memcmp () @@ -57,6 +63,8 @@ .I s1 and .IR s2 . +.PP +If \fIn\fP is zero, the return value is zero. .SH ATTRIBUTES .SS Multithreading (see pthreads(7)) The
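
Review bot: In the DESCRIPTION hunk (@@ -42,6 +43,11 @@), "depends on the amount of equal bytes" is imprecise: what leaks is the number of leading bytes that match before the first difference, not how many bytes are equal overall. Suggest "because the required CPU time depends on the number of equal bytes at the start of the two areas", and hyphenate "security-critical". The warning also gives the reader no alternative; a short pointer to a comparison that always processes all \fIn\fP bytes would make it actionable, and the text may sit better under a NOTES section than in the functional description.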
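
Review bot: Style point in the RETURN VALUE hunk (@@ -57,6 +63,8 @@): the added sentence uses inline "\fIn\fP" while the context lines directly above it use the macro form (".I s1", ".IR s2 ."). Consider writing the new sentence with ".I n" on its own line so the section stays consistent. The sentence itself follows from the existing text, so placing it right after the paragraph about the first differing bytes is fine.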
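
The timing dependence the message describes, made visible by counting byte pairs instead of measuring time, next to an equality check that does the same work wherever the buffers differ. This is an added example, not part of the original message or of any libc; `early_exit_cmp`, `fixed_work_equal`, the `examined` counter and the sample values are hypothetical names constructed for illustration, and the first function is only a byte-wise model of `memcmp()`.

```c
#include <stddef.h>
#include <stdio.h>

/* Illustration only: number of byte pairs the last call looked at. */
size_t examined;

/* Byte-wise model of memcmp(): returns at the first differing byte. */
int early_exit_cmp(const void *s1, const void *s2, size_t n)
{
    const unsigned char *a = s1, *b = s2;

    for (size_t i = 0; i < n; i++) {
        if (a[i] != b[i]) {
            examined = i + 1;
            return a[i] < b[i] ? -1 : 1;
        }
    }
    examined = n;
    return 0;               /* reached at once when n == 0 */
}

/* Equality test that reads every byte pair wherever the first difference
 * is. Returns 0 if equal, 1 if not; no ordering, unlike memcmp(). */
int fixed_work_equal(const void *s1, const void *s2, size_t n)
{
    const volatile unsigned char *a = s1, *b = s2;
    unsigned char diff = 0;

    for (size_t i = 0; i < n; i++)
        diff |= a[i] ^ b[i];    /* accumulate differences, never branch */
    examined = n;
    return diff != 0;
}

/* Constructed sample values, not real secrets. */
const unsigned char secret[]  = "S3cr3t!!";
const unsigned char guess_a[] = "X3cr3t!!";   /* wrong at byte 0 */
const unsigned char guess_b[] = "S3cr3tX!";   /* wrong at byte 6 */

int main(void)
{
    const unsigned char *g[] = { guess_a, guess_b, secret };

    for (int k = 0; k < 3; k++) {
        int r = early_exit_cmp(secret, g[k], 8);
        size_t e = examined;
        int q = fixed_work_equal(secret, g[k], 8);
        printf("early-exit: r=%2d bytes=%zu | fixed-work: r=%d bytes=%zu\n",
               r, e, q, examined);
    }
    return 0;
}
```

A compiler is free to optimize a hand-written loop like `fixed_work_equal`, so production code should call a vetted primitive such as OpenSSL's `CRYPTO_memcmp()` or OpenBSD's `timingsafe_bcmp()`.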