symfony · fabpot · Aug 31, 2014 · Aug 6, 2014 · Tobion · Aug 31, 2014
diff --git a/src/Symfony/Component/Security/Core/Util/StringUtils.php b/src/Symfony/Component/Security/Core/Util/StringUtils.php
@@ -35,23 +35,19 @@ private function __construct() {}
      */
     public static function equals($knownString, $userInput)
     {
-        // Prevent issues if string length is 0
-        $knownString .= chr(0);
-        $userInput .= chr(0);
-
         $knownLen = strlen($knownString);
         $userLen = strlen($userInput);
 
+        // Extend know string to avoid uninitialized string offsets
+        $knownString .= $userInput;
+
         // Set the result to the difference between the lengths
         $result = $knownLen - $userLen;
 
         // Note that we ALWAYS iterate over the user-supplied length
         // This is to prevent leaking length information
         for ($i = 0; $i < $userLen; $i++) {
-            // Using % here is a trick to prevent notices
-            // It's safe, since if the lengths are different
-            // $result is already non-0
-            $result |= (ord($knownString[$i % $knownLen]) ^ ord($userInput[$i]));
+            $result |= (ord($knownString[$i]) ^ ord($userInput[$i]));
         }
 
         // They are only identical strings if $result is exactly 0...