mirror of https://github.com/mkerrisk/man-pages
memcmp.3: Warn against use of memcmp() for comparing security-critical data
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
7f139a4512
commit
f70fe9d7cb
|
@ -68,6 +68,12 @@ The
|
|||
function is thread-safe.
|
||||
.SH CONFORMING TO
|
||||
SVr4, 4.3BSD, C89, C99, POSIX.1-2001.
|
||||
.SH NOTES
|
||||
.PP
|
||||
Do not use
|
||||
.BR memcmp ()
|
||||
to compare security critical data, such as cryptographic secrets,
|
||||
because the required CPU time depends on the amount of equal bytes.
|
||||
.SH SEE ALSO
|
||||
.BR bcmp (3),
|
||||
.BR strcasecmp (3),
|
||||
|
|
Loading…
Reference in New Issue