Month: April 2017

String Splitting in C

Posted on April 9, 2017

For a project I’ve been working on I needed to split a string into it’s component parts. There is strtok which I find useless for pretty much any task. It is not thread-safe, nor is it re-entrant, which makes it impossible to parse two strings (in a loop) at... Continue reading

Constant Time String Comparison in C

Posted on April 2, 2017

Comparing strings in C is typically handled with strncmp. This is fine in most cases but if you need to compare sensitive information, such as a message digest, it’s a really bad choice. strncmp is susceptible to timing attacks because it will stop comparing once the first... Continue reading