NAME
memcmp —
compare byte string
LIBRARY
Standard C Library (libc, -lc)
SYNOPSIS
#include <string.h>
int
memcmp(
const void
*b1,
const void *b2,
size_t len);
DESCRIPTION
The
memcmp() function compares byte string
b1 against byte string
b2. Both
strings are assumed to be
len bytes long.
RETURN VALUES
The
memcmp() function returns zero if the two strings are
identical, otherwise returns the difference between the first two differing
bytes (treated as unsigned char values, so that
‘
\200
’ is greater than
‘
\0
’, for example). Zero-length strings
are always identical.
Do not use
memcmp() to compare cryptographic secrets, because
the time it takes varies depending on how many bytes are the same, and thus
leaks information about the two strings by a timing side channel. To compare
secrets, hashes, message authentication codes, etc., use
consttime_memequal(3)
instead.
SEE ALSO
bcmp(3),
consttime_memequal(3),
strcasecmp(3),
strcmp(3),
strcoll(3),
strxfrm(3)
STANDARDS
The
memcmp() function conforms to
ANSI
X3.159-1989 (“ANSI C89”).