symfony-security - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Fabien Potencier <fabien.potencier@gmail.com>	2014-09-10 15:18:42 +0200
committer	Fabien Potencier <fabien.potencier@gmail.com>	2014-09-10 15:18:42 +0200
commit	eea4a9bdfa0930002b9a4de65e3e6e7fd95941a1 (patch)
tree	53601695555388dc3012a3f669004318f6e0ca7f /Core/Tests/Encoder/EncoderFactoryTest.php
parent	aee2d201bfe01008d293b85af075040aebeb2eac (diff)
parent	6695a8e284aa75cfa2be1b1825367924febb3953 (diff)
download	symfony-security-eea4a9bdfa0930002b9a4de65e3e6e7fd95941a1.zip symfony-security-eea4a9bdfa0930002b9a4de65e3e6e7fd95941a1.tar.gz symfony-security-eea4a9bdfa0930002b9a4de65e3e6e7fd95941a1.tar.bz2

minor #11822 [Security] Use hash_equals for constant-time string comparison (again) (dunglas)

This PR was merged into the 2.3 branch. Discussion ---------- [Security] Use hash_equals for constant-time string comparison (again) | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | n/a | License | MIT | Doc PR | n/a Use the `hash_equals` function (introduced in PHP 5.6) for timing attack safe string comparison when available. Add in the DocBlock that length will leak (https://github.com/symfony/symfony/pull/11797#issuecomment-53990712). Commits ------- 3071557 [Security] Add more tests for StringUtils::equals 03bd74b [Security] Use hash_equals for constant-time string comparison

Diffstat (limited to 'Core/Tests/Encoder/EncoderFactoryTest.php')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: