> I placed this piece in a new NOTES section.
>
> Some text here about what one should do instead of using memcmp()
> might be helpful. Do you have any suggestions?

Obviously a comparison with constant CPU usage is asked for, which is rather easy to implement given that secrets are usually only compared for being equal. AFAIK neither POSIX nor C99 offers a function for that. I don't know if glibc does. NetBSD does (consttime_memequal), but that does not help portable code, so I have no good suggestion really.

Michael
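The equality-only comparison described in the reply, written in portable C99 as an added example that is not part of the original message or of any libc. The names `ct_memequal` and `early_exit_bytes_examined` are hypothetical and the sample buffers are constructed; the second function only counts how much work a memcmp()-style early exit does, to show what the first one avoids.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical helper, not a POSIX, C99 or glibc function.
 * Returns 1 if the first n bytes of a and b are equal, 0 otherwise.
 * Every byte is read regardless of where the buffers differ. */
int ct_memequal(const void *a, const void *b, size_t n)
{
    /* volatile reads discourage the compiler from adding an early exit */
    const volatile unsigned char *pa = a;
    const volatile unsigned char *pb = b;
    unsigned int diff = 0;

    for (size_t i = 0; i < n; i++)
        diff |= (unsigned int)(pa[i] ^ pb[i]);

    /* diff <= 0xff, so (diff - 1) has bit 8 set only when diff == 0:
     * the result is formed without a data-dependent branch. */
    return (int)(((diff - 1u) >> 8) & 1u);
}

/* Bytes an early-exit comparison (the memcmp() pattern) inspects before
 * returning; the count tracks the length of the matching prefix. */
size_t early_exit_bytes_examined(const void *a, const void *b, size_t n)
{
    const unsigned char *pa = a, *pb = b;

    for (size_t i = 0; i < n; i++)
        if (pa[i] != pb[i])
            return i + 1;
    return n;
}

int main(void)
{
    /* Constructed sample values, not real secrets */
    const unsigned char secret[8]      = { 's','3','c','r','3','t','!','!' };
    const unsigned char wrong_first[8] = { 'X','3','c','r','3','t','!','!' };
    const unsigned char wrong_last[8]  = { 's','3','c','r','3','t','!','X' };

    printf("early exit inspects %zu vs %zu bytes\n",
           early_exit_bytes_examined(secret, wrong_first, 8),
           early_exit_bytes_examined(secret, wrong_last, 8));
    printf("ct_memequal: %d %d %d\n",
           ct_memequal(secret, secret, 8),
           ct_memequal(secret, wrong_first, 8),
           ct_memequal(secret, wrong_last, 8));
    return 0;
}
```

The C standard makes no timing guarantees, so the generated code should be checked for the compiler and optimization level actually used.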