Docs: clarify inline docs for hash_equals
Before the docs implied the complexity of the function was O(1) by using the term "constant time", now we use the more descriptive term "Timing attack safe". Props AramZS. Fixes #32778. Built from https://develop.svn.wordpress.org/trunk@35805 git-svn-id: http://core.svn.wordpress.org/trunk@35769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
d35bc1b936
commit
c512f8cbdd
|
@ -228,15 +228,18 @@ if ( !function_exists('json_decode') ) {
|
|||
|
||||
if ( ! function_exists( 'hash_equals' ) ) :
|
||||
/**
|
||||
* Compare two strings in constant time.
|
||||
* Timing attack safe string comparison
|
||||
*
|
||||
* Compares two strings using the same time whether they're equal or not.
|
||||
*
|
||||
* This function was added in PHP 5.6.
|
||||
* It can leak the length of a string.
|
||||
*
|
||||
* Note: It can leak the length of a string when arguments of differing length are supplied.
|
||||
*
|
||||
* @since 3.9.2
|
||||
*
|
||||
* @param string $a Expected string.
|
||||
* @param string $b Actual string.
|
||||
* @param string $b Actual, user supplied, string.
|
||||
* @return bool Whether strings are equal.
|
||||
*/
|
||||
function hash_equals( $a, $b ) {
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
*
|
||||
* @global string $wp_version
|
||||
*/
|
||||
$wp_version = '4.5-alpha-35804';
|
||||
$wp_version = '4.5-alpha-35805';
|
||||
|
||||
/**
|
||||
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
||||
|
|
Loading…
Reference in New Issue