Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 9 May 2014 08:04:53 +0400
From: Solar Designer <>
Subject: Defeating memory comparison timing oracles


Florian made this nice Red Hat security blog post a couple of days ago:

The idea is to harden glibc's memcmp(3) to be partially timing-safe,
maybe only in the -D_FORTIFY_SOURCE=2 mode.

While I don't mind having memcmp(3) sometimes hardened, I think we
primarily need to have an explicit timing-safe memory comparison
function in glibc and elsewhere, and I think it'd be natural to adopt
OpenBSD's timingsafe_bcmp() prototype and semantics:

People will need this very function e.g. when making LibReSSL portable:

Some good reading on the problem and possible solutions:


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.