From a89fccd28197fa179828c8596791ff16e2268d20 Mon Sep 17 00:00:00 2001
From: David Rientjes <rientjes@google.com>
Date: Thu, 17 Aug 2006 11:54:57 -0700
Subject: Do not use memcmp(sha1_1, sha1_2, 20) with hardcoded length.

Introduces global inline:

	hashcmp(const unsigned char *sha1, const unsigned char *sha2)

Uses memcmp for comparison and returns the result based on the length of
the hash name (a future runtime decision).

Acked-by: Alex Riesen <raa.lkml@gmail.com>
Signed-off-by: David Rientjes <rientjes@google.com>
Signed-off-by: Junio C Hamano <junkio@cox.net>
---
 read-cache.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'read-cache.c')

diff --git a/read-cache.c b/read-cache.c
index 6bec833eec..b6982eac41 100644
--- a/read-cache.c
+++ b/read-cache.c
@@ -60,7 +60,7 @@ static int ce_compare_data(struct cache_entry *ce, struct stat *st)
 	if (fd >= 0) {
 		unsigned char sha1[20];
 		if (!index_fd(sha1, fd, st, 0, NULL))
-			match = memcmp(sha1, ce->sha1, 20);
+			match = hashcmp(sha1, ce->sha1);
 		/* index_fd() closed the file descriptor already */
 	}
 	return match;
@@ -744,7 +744,7 @@ static int verify_hdr(struct cache_header *hdr, unsigned long size)
 	SHA1_Init(&c);
 	SHA1_Update(&c, hdr, size - 20);
 	SHA1_Final(sha1, &c);
-	if (memcmp(sha1, (char *) hdr + size - 20, 20))
+	if (hashcmp(sha1, (unsigned char *)hdr + size - 20))
 		return error("bad index file sha1 signature");
 	return 0;
 }
-- 
cgit v1.2.3