From ed3a794c9bf6380801ee21c816505f457b6a1348 Mon Sep 17 00:00:00 2001 From: Roman Proskuryakov Date: Sun, 24 Jan 2016 19:16:40 +0300 Subject: fix: compare sensitive data with sodium_memcmp fix: make increment_nonce & increment_nonce_number independent of user-controlled input fix: make crypto_core more stable agains null ptr dereference --- toxcore/util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'toxcore/util.c') diff --git a/toxcore/util.c b/toxcore/util.c index 28d8721c..ea1988e4 100644 --- a/toxcore/util.c +++ b/toxcore/util.c @@ -60,7 +60,7 @@ int is_timeout(uint64_t timestamp, uint64_t timeout) /* id functions */ bool id_equal(const uint8_t *dest, const uint8_t *src) { - return memcmp(dest, src, crypto_box_PUBLICKEYBYTES) == 0; + return public_key_cmp(dest, src) == 0; } uint32_t id_copy(uint8_t *dest, const uint8_t *src) -- cgit v1.2.3