summaryrefslogtreecommitdiffstats
path: root/system/libraries/Session/drivers
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2014-02-07 14:35:51 +0100
committerAndrey Andreev <narf@devilix.net>2014-02-07 14:35:51 +0100
commitff6d1a80b75eb4303551be1f2708509757a85e50 (patch)
treec84c6a397341c462f02aa236d2c406944ff20386 /system/libraries/Session/drivers
parent664b83e1d023e067d3b9bc75dbe96161236fd5f7 (diff)
parentc697a3bfdfc301718058a09fd5692fbecee6920a (diff)
Merge branch 'develop' into 'feature/user-guide-cleanup'
Diffstat (limited to 'system/libraries/Session/drivers')
-rw-r--r--system/libraries/Session/drivers/Session_cookie.php10
1 files changed, 9 insertions, 1 deletions
diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php
index 971dfeabe..c8dfad6c9 100644
--- a/system/libraries/Session/drivers/Session_cookie.php
+++ b/system/libraries/Session/drivers/Session_cookie.php
@@ -395,7 +395,15 @@ class CI_Session_cookie extends CI_Session_driver {
$hmac = substr($session, $len);
$session = substr($session, 0, $len);
- if ($hmac !== hash_hmac('sha1', $session, $this->encryption_key))
+ // Time-attack-safe comparison
+ $hmac_check = hash_hmac('sha1', $session, $this->encryption_key);
+ $diff = 0;
+ for ($i = 0; $i < 40; $i++)
+ {
+ $diff |= ord($hmac[$i]) ^ ord($hmac_check[$i]);
+ }
+
+ if ($diff !== 0)
{
log_message('error', 'The session cookie data did not match what was expected.');
$this->sess_destroy();