// Constant-time signature verification
// http://www.emerose.com/timing-attacks-explained
- // @todo: make a common method for this
+ // @todo Make a common method for this
if ( !is_string( $rSig ) || strlen( $rSig ) !== strlen( $cSig ) ) {
$verified = false;
} else {
$result = 0;
- for ( $i = 0; $i < strlen( $cSig ); $i++ ) {
+ $cSigLength = strlen( $cSig );
+ for ( $i = 0; $i < $cSigLength; $i++ ) {
$result |= ord( $cSig[$i] ) ^ ord( $rSig[$i] );
}
$verified = ( $result == 0 );
*
* @note: also called from Wiki.php
*
- * @param integer $maxJobs Maximum number of jobs to run
+ * @param int $maxJobs Maximum number of jobs to run
* @return void
*/
public static function executeJobs( $maxJobs ) {
}
} while ( --$n && $job );
} catch ( MWException $e ) {
+ MWExceptionHandler::rollbackMasterChangesAndLog( $e );
// We don't want exceptions thrown during job execution to
// be reported to the user since the output is already sent.
// Instead we just log them.