diff --git a/python/ycm/utils.py b/python/ycm/utils.py index 082e64a8..f320ca1a 100644 --- a/python/ycm/utils.py +++ b/python/ycm/utils.py @@ -227,21 +227,21 @@ def CreateHexHmac( content, hmac_secret ): # This is the compare_digest function from python 3.4, adapted for 2.7: # http://hg.python.org/cpython/file/460407f35aa9/Lib/hmac.py#l16 def SecureCompareStrings( a, b ): - """Returns the equivalent of 'a == b', but avoids content based short - circuiting to reduce the vulnerability to timing attacks.""" - # Consistent timing matters more here than data type flexibility - if not ( isinstance( a, str ) and isinstance( b, str ) ): - raise TypeError( "inputs must be str instances" ) + """Returns the equivalent of 'a == b', but avoids content based short + circuiting to reduce the vulnerability to timing attacks.""" + # Consistent timing matters more here than data type flexibility + if not ( isinstance( a, str ) and isinstance( b, str ) ): + raise TypeError( "inputs must be str instances" ) - # We assume the length of the expected digest is public knowledge, - # thus this early return isn't leaking anything an attacker wouldn't - # already know - if len( a ) != len( b ): - return False + # We assume the length of the expected digest is public knowledge, + # thus this early return isn't leaking anything an attacker wouldn't + # already know + if len( a ) != len( b ): + return False - # We assume that integers in the bytes range are all cached, - # thus timing shouldn't vary much due to integer object creation - result = 0 - for x, y in zip( a, b ): - result |= ord( x ) ^ ord( y ) - return result == 0 + # We assume that integers in the bytes range are all cached, + # thus timing shouldn't vary much due to integer object creation + result = 0 + for x, y in zip( a, b ): + result |= ord( x ) ^ ord( y ) + return result == 0