unread
Hi,
Incidentally, I've been doing some research on this problem, so here's
my 2 cents:
Why not add a third parameter to specify the minimum length? Something
like a time-attack-safe strncmp(). Give that parameter a sane enough
value for today and it could be increased in the future without
changing APIs and upsetting users.
+1 on E_WARNING for non-string input.
Cheers,
Andrey.