diff options
| -rw-r--r-- | phpBB/phpbb/passwords/driver/helper.php | 20 | ||||
| -rw-r--r-- | tests/passwords/manager_test.php | 18 |
2 files changed, 38 insertions, 0 deletions
diff --git a/phpBB/phpbb/passwords/driver/helper.php b/phpBB/phpbb/passwords/driver/helper.php index 2b3ebce53a..caa65080ac 100644 --- a/phpBB/phpbb/passwords/driver/helper.php +++ b/phpBB/phpbb/passwords/driver/helper.php @@ -142,4 +142,24 @@ class helper } return $random; } + + /** + * Compare two strings byte by byte + * + * @param string $string_a The first string + * @param string $string_b The second string + * + * @return bool True if strings are the same, false if not + */ + public function string_compare($string_a, $string_b) + { + $difference = strlen($string_a) != strlen($string_b); + + for ($i = 0; $i < strlen($string_a) && $i < strlen($string_b); $i++) + { + $difference |= $string_a[$i] != $string_b[$i]; + } + + return $difference === 0; + } } diff --git a/tests/passwords/manager_test.php b/tests/passwords/manager_test.php index e46cf820f2..f9f7f99751 100644 --- a/tests/passwords/manager_test.php +++ b/tests/passwords/manager_test.php @@ -326,4 +326,22 @@ class phpbb_passwords_manager_test extends \phpbb_test_case $this->assertFalse($this->manager->hash(str_repeat('a', 1024 * 1024 * 16))); $this->assertLessThanOrEqual(5, time() - $start_time); } + + public function data_test_string_compare() + { + return array( + array('foo', 'bar', false), + array(1, '1', false), + array('one', 'one', true), + array('foobar', 'foobaf', false), + ); + } + + /** + * @dataProvider data_test_string_compare + */ + public function test_string_compare($a, $b, $expected) + { + $this->assertSame($expected, $this->driver_helper->string_compare($a, $b)); + } } |