From: Sergey Kandaurov Date: Wed, 10 Jun 2026 17:32:41 +0000 (+0400) Subject: Secure link: compare hashes in constant time X-Git-Tag: release-1.31.2~9 X-Git-Url: http://git.kaiwu.me/postgresql/log/contrib/postgres_fdw/postgres_fdw.c?a=commitdiff_plain;h=bedf18f95d76b93d15335dee8c642b86e6baeac2;p=nginx.git Secure link: compare hashes in constant time Reported by kodareef5 --- diff --git a/src/http/modules/ngx_http_secure_link_module.c b/src/http/modules/ngx_http_secure_link_module.c index 025fe341c..7218b6dd4 100644 --- a/src/http/modules/ngx_http_secure_link_module.c +++ b/src/http/modules/ngx_http_secure_link_module.c @@ -101,10 +101,11 @@ static ngx_int_t ngx_http_secure_link_variable(ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data) { - u_char *p, *last; + u_char *p, *last, ch; time_t expires; ngx_str_t val, hash; ngx_md5_t md5; + ngx_uint_t i; ngx_http_secure_link_ctx_t *ctx; ngx_http_secure_link_conf_t *conf; u_char hash_buf[18], md5_buf[16]; @@ -175,7 +176,13 @@ ngx_http_secure_link_variable(ngx_http_request_t *r, ngx_md5_update(&md5, val.data, val.len); ngx_md5_final(md5_buf, &md5); - if (ngx_memcmp(hash_buf, md5_buf, 16) != 0) { + /* constant time comparison */ + + for (ch = 0, i = 0; i < 16; i++) { + ch |= (hash_buf[i] ^ md5_buf[i]); + } + + if (ch) { goto not_found; } @@ -200,7 +207,7 @@ ngx_http_secure_link_old_variable(ngx_http_request_t *r, ngx_http_secure_link_conf_t *conf, ngx_http_variable_value_t *v, uintptr_t data) { - u_char *p, *start, *end, *last; + u_char *p, *start, *end, *last, ch; size_t len; ngx_int_t n; ngx_md5_t md5; @@ -243,11 +250,19 @@ url_start: ngx_md5_update(&md5, conf->secret.data, conf->secret.len); ngx_md5_final(hash, &md5); - for (i = 0; i < 16; i++) { + for (ch = 0, i = 0; i < 16; i++) { n = ngx_hextoi(&start[2 * i], 2); - if (n == NGX_ERROR || n != hash[i]) { + if (n == NGX_ERROR) { goto not_found; } + + /* constant time comparison */ + + ch |= (u_char) n ^ hash[i]; + } + + if (ch) { + goto not_found; } v->len = len;