Home | History | Annotate | Line # | Download | only in isc 
      1 /*	$NetBSD: tsmemcmp.c,v 1.2 2024/08/18 20:47:14 christos Exp $	*/
      2 
      3 /*
      4  * Copyright (C) 2004-2007, 2011, 2012  Internet Systems Consortium, Inc. ("ISC")
      5  * Copyright (C) 1999-2001, 2003  Internet Software Consortium.
      6  *
      7  * Permission to use, copy, modify, and/or distribute this software for any
      8  * purpose with or without fee is hereby granted, provided that the above
      9  * copyright notice and this permission notice appear in all copies.
     10  *
     11  * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
     12  * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
     13  * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
     14  * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
     15  * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
     16  * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
     17  * PERFORMANCE OF THIS SOFTWARE.
     18  */
     19 
     20 /* Id */
     21 
     22 /*! \file */
     23 
     24 #include <config.h>
     25 #include <limits.h>
     26 #include <isc/string.h>
     27 
     28 /* Making a portable memcmp that has no internal branches and loops always
     29  * once for every byte without early-out shortcut has a few challenges.
     30  *
     31  * Inspired by 'timingsafe_memcmp()' from the BSD system and
     32  * https://github.com/libressl-portable/openbsd/blob/master/src/lib/libc/string/timingsafe_memcmp.c
     33  *
     34  * Sadly, that one is not portable C: It makes assumptions on the representation
     35  * of negative integers and assumes sign-preserving right-shift of negative
     36  * signed values. This is a rewrite from scratch that should not suffer from
     37  * such issues.
     38  *
     39  * 2015-12-12, J. Perlinger (perlinger-at-ntp-dot-org)
     40  */
     41 int
     42 isc_tsmemcmp(const void *p1, const void *p2, size_t nb) {
     43 	const unsigned char *ucp1 = p1;
     44 	const unsigned char *ucp2 = p2;
     45 	unsigned int isLT = 0u;
     46 	unsigned int isGT = 0u;
     47 	volatile unsigned int mask = (1u << CHAR_BIT);
     48 
     49 	for (/*NOP*/; 0 != nb; --nb, ++ucp1, ++ucp2) {
     50 		isLT |= mask &
     51 		    ((unsigned int)*ucp1 - (unsigned int)*ucp2);
     52 		isGT |= mask &
     53 		    ((unsigned int)*ucp2 - (unsigned int)*ucp1);
     54 		mask &= ~(isLT | isGT);
     55 	}
     56 	return (int)(isGT >> CHAR_BIT) - (int)(isLT >> CHAR_BIT);
     57 }
     58