1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
|
'\" t
.\" Copyright 1993 David Metcalfe (david@prism.demon.co.uk)
.\"
.\" SPDX-License-Identifier: Linux-man-pages-copyleft
.\"
.\" References consulted:
.\" Linux libc source code
.\" Lewine's _POSIX Programmer's Guide_ (O'Reilly & Associates, 1991)
.\" 386BSD man pages
.\" Modified Sat Jul 24 18:55:27 1993 by Rik Faith (faith@cs.unc.edu)
.TH memcmp 3 2023-07-30 "Linux man-pages 6.05.01"
.SH NAME
memcmp \- compare memory areas
.SH LIBRARY
Standard C library
.RI ( libc ", " \-lc )
.SH SYNOPSIS
.nf
.B #include <string.h>
.PP
.BI "int memcmp(const void " s1 [. n "], const void " s2 [. n "], size_t " n );
.fi
.SH DESCRIPTION
The
.BR memcmp ()
function compares the first \fIn\fP bytes (each interpreted as
.IR "unsigned char" )
of the memory areas \fIs1\fP and \fIs2\fP.
.SH RETURN VALUE
The
.BR memcmp ()
function returns an integer less than, equal to, or
greater than zero if the first \fIn\fP bytes of \fIs1\fP is found,
respectively, to be less than, to match, or be greater than the first
\fIn\fP bytes of \fIs2\fP.
.PP
For a nonzero return value, the sign is determined by the sign of
the difference between the first pair of bytes (interpreted as
.IR "unsigned char" )
that differ in
.I s1
and
.IR s2 .
.PP
If
.I n
is zero, the return value is zero.
.SH ATTRIBUTES
For an explanation of the terms used in this section, see
.BR attributes (7).
.TS
allbox;
lbx lb lb
l l l.
Interface Attribute Value
T{
.na
.nh
.BR memcmp ()
T} Thread safety MT-Safe
.TE
.sp 1
.SH STANDARDS
C11, POSIX.1-2008.
.SH HISTORY
POSIX.1-2001, C89, SVr4, 4.3BSD.
.SH CAVEATS
Do not use
.BR memcmp ()
to compare confidential data,
such as cryptographic secrets,
because the CPU time required for the comparison
depends on the contents of the addresses compared,
this function is subject to timing-based side-channel attacks.
In such cases,
a function that performs comparisons in deterministic time,
depending only on
.I n
(the quantity of bytes compared)
is required.
Some operating systems provide such a function (e.g., NetBSD's
.BR consttime_memequal ()),
but no such function is specified in POSIX.
On Linux, you may need to implement such a function yourself.
.SH SEE ALSO
.BR bstring (3),
.BR strcasecmp (3),
.BR strcmp (3),
.BR strcoll (3),
.BR strncasecmp (3),
.BR strncmp (3),
.BR wmemcmp (3)
|