This repository was archived by the owner on May 31, 2024. It is now read-only.

Commit ea2fdb7

Merge branch '2.3' into 2.4
* 2.3:
  [HttpKernel] fixed internal fragment handling
  fixing yaml indentation
  [WebProfiler] replaced the import/export feature from the web interface to a CLI tool
  Forced all fragment uris to be signed, even for ESI
  Add tests and more assertions
  [FrameworkBundle][Translator] Validate locales.
  [HttpFoundation] added some missing tests
  [HttpFoundation] Improve string values in test codes
  fix comment: not fourth but sixth argument
  fixing typo in a comment
  [FrameworkBundle] fixed CS
  [FrameworkBundle] PhpExtractor bugfix and improvements
  [Finder] Fix findertest readability
  [Filesystem] Add FTP stream wrapper context option to enable overwrite (override)
  fix parsing of Authorization header
  Test examples from Drupal SA-CORE-2014-003
  Fix potential DoS when parsing HOST
  Made optimization deprecating modulus operator

Conflicts:
  src/Symfony/Bundle/FrameworkBundle/Resources/config/esi.xml
  src/Symfony/Component/HttpFoundation/Request.php
  src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
  src/Symfony/Component/HttpKernel/Fragment/EsiFragmentRenderer.php
2 parents cf4aa25 + 329bf0c commit ea2fdb7

File tree

1 file changed

+4
-8
lines changed


Core/Util/StringUtils.php

Lines changed: 4 additions & 8 deletions
@@ -35,23 +35,19 @@ private function __construct() {}
3535
*/
3636
public static function equals($knownString, $userInput)
3737
{
38-
// Prevent issues if string length is 0
39-
$knownString .= chr(0);
40-
$userInput .= chr(0);
41-
4238
$knownLen = strlen($knownString);
4339
$userLen = strlen($userInput);
4440

41+
// Extend the known string to avoid uninitialized string offsets
42+
$knownString .= $userInput;
43+
4544
// Set the result to the difference between the lengths
4645
$result = $knownLen - $userLen;
4746

4847
// Note that we ALWAYS iterate over the user-supplied length
4948
// This is to prevent leaking length information
5049
for ($i = 0; $i < $userLen; $i++) {
51-
// Using % here is a trick to prevent notices
52-
// It's safe, since if the lengths are different
53-
// $result is already non-0
54-
$result |= (ord($knownString[$i % $knownLen]) ^ ord($userInput[$i]));
50+
$result |= (ord($knownString[$i]) ^ ord($userInput[$i]));
5551
}
5652

5753
// They are only identical strings if $result is exactly 0...
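Review bot: the comment on the new `$knownString .= $userInput;` line should spell out the invariant that makes the direct `$knownString[$i]` index in the loop safe, because it is not obvious from the hunk alone: `$knownLen` is captured before the append, the loop runs only over `$userLen`, and after the append `strlen($knownString)` is `$knownLen + $userLen >= $userLen`, so every offset the loop reads is initialized. It is also worth stating there that when `$knownLen > $userLen` only the first `$userLen` bytes of the known string are ever compared, which is correct only because `$result` has already been set non-zero by the length difference. Suggested wording: `// $knownLen was taken above; the loop reads only offsets < $userLen, which always exist after this append.` Since the `chr(0)` padding that previously guarded the zero-length case is gone, the empty/empty (result 0, loop body never runs) and empty/non-empty (result non-zero from the length difference) cases now rest entirely on that ordering; a test for each would pin the behaviour down.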
