Use CRYPTO_memcmp when comparing authenticators

Pointed out by Victor Vasiliev (vasilvv@mit.edu) via Adam Langley (Google). Reviewed-by: Rich Salz <rsalz@openssl.org>
author: Emilia Kasper <emilia@openssl.org> 2015-05-27 17:12:13 +0200
committer: Emilia Kasper <emilia@openssl.org> 2015-06-08 14:55:50 +0200
commit: 1e4a355dcabe2f75df5bb8b41b394d37037169d2 (patch)
tree: aac26a71e92cf32f361342fbe2c3fe4edde4395d /crypto/evp/e_rc4_hmac_md5.c
parent: 65d3941f4aa199d0fcd615b074876f8ff2886d11 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/evp/e_rc4_hmac_md5.c b/crypto/evp/e_rc4_hmac_md5.c
index 1ba690da11..e3fe91835c 100644
--- a/crypto/evp/e_rc4_hmac_md5.c
+++ b/crypto/evp/e_rc4_hmac_md5.c
@@ -54,6 +54,7 @@
 
 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_MD5)
 
+# include <openssl/crypto.h>
 # include <openssl/evp.h>
 # include <openssl/objects.h>
 # include <openssl/rc4.h>
@@ -209,7 +210,7 @@ static int rc4_hmac_md5_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
             MD5_Update(&key->md, mac, MD5_DIGEST_LENGTH);
             MD5_Final(mac, &key->md);
 
-            if (memcmp(out + plen, mac, MD5_DIGEST_LENGTH))
+            if (CRYPTO_memcmp(out + plen, mac, MD5_DIGEST_LENGTH))
                 return 0;
         } else {
             MD5_Update(&key->md, out + md5_off, len - md5_off);
author	Emilia Kasper <emilia@openssl.org>	2015-05-27 17:12:13 +0200
committer	Emilia Kasper <emilia@openssl.org>	2015-06-08 14:55:50 +0200
commit	1e4a355dcabe2f75df5bb8b41b394d37037169d2 (patch)
tree	aac26a71e92cf32f361342fbe2c3fe4edde4395d /crypto/evp/e_rc4_hmac_md5.c
parent	65d3941f4aa199d0fcd615b074876f8ff2886d11 (diff)