Coverage Report

Created: 2025-06-13 06:43

/src/php-src/main/safe_bcmp.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
  +----------------------------------------------------------------------+
3
  | Copyright (c) The PHP Group                                          |
4
  +----------------------------------------------------------------------+
5
  | This source file is subject to version 3.01 of the PHP license,      |
6
  | that is bundled with this package in the file LICENSE, and is        |
7
  | available through the world-wide-web at the following url:           |
8
  | https://www.php.net/license/3_01.txt                                 |
9
  | If you did not receive a copy of the PHP license and are unable to   |
10
  | obtain it through the world-wide-web, please send a note to          |
11
  | license@php.net so we can mail you a copy immediately.               |
12
  +----------------------------------------------------------------------+
13
  | Author: David Carlier <devnexen@gmail.com>                           |
14
  +----------------------------------------------------------------------+
15
*/
16
17
#include "php.h"
18
19
#include <string.h>
20
21
/*
22
 * Returns 0 if both inputs match, non-zero if they don't.
23
 * Returns -1 early if inputs do not have the same lengths.
24
 *
25
 */
26
PHPAPI int php_safe_bcmp(const zend_string *a, const zend_string *b)
27
0
{
28
0
  const volatile unsigned char *ua = (const volatile unsigned char *)ZSTR_VAL(a);
29
0
  const volatile unsigned char *ub = (const volatile unsigned char *)ZSTR_VAL(b);
30
0
  size_t i = 0;
31
0
  int r = 0;
32
33
0
  if (ZSTR_LEN(a) != ZSTR_LEN(b)) {
34
0
    return -1;
35
0
  }
36
37
  /* This is security sensitive code. Do not optimize this for speed. */
38
0
  while (i < ZSTR_LEN(a)) {
39
0
    r |= ua[i] ^ ub[i];
40
0
    ++i;
41
0
  }
42
43
0
  return r;
44
0
}