Manual browser: memcmp(3)

Section:
Page:
MEMCMP(3) Library Functions Manual MEMCMP(3)

NAME

memcmpcompare byte string

LIBRARY

Standard C Library (libc, -lc)

SYNOPSIS

#include <string.h>

int
memcmp(const void *b1, const void *b2, size_t len);

DESCRIPTION

The memcmp() function compares byte string b1 against byte string b2. Both strings are assumed to be len bytes long.

RETURN VALUES

The memcmp() function returns zero if the two strings are identical, otherwise returns the difference between the first two differing bytes (treated as unsigned char values, so that ‘\200’ is greater than ‘\0’, for example). Zero-length strings are always identical.

Do not use memcmp() to compare cryptographic secrets, because the time it takes varies depending on how many bytes are the same, and thus leaks information about the two strings by a timing side channel. To compare secrets, hashes, message authentication codes, etc., use consttime_memequal(3) instead.

STANDARDS

The memcmp() function conforms to ANSI X3.159-1989 (“ANSI C89”).
June 23, 2013 NetBSD 7.0