From 8802d0305e97c5b23213e50df9daabbc563b1de6 Mon Sep 17 00:00:00 2001
From: Alexander Makarov <sam@rmcreative.ru>
Date: Wed, 23 Jul 2014 16:42:41 +0400
Subject: [PATCH] Avoid method call in for condition

---
 framework/base/Security.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/framework/base/Security.php b/framework/base/Security.php
index 29d4ea1..5f69d00 100644
--- a/framework/base/Security.php
+++ b/framework/base/Security.php
@@ -497,7 +497,7 @@ class Security extends Component
     {
         // timing attack resistant approach:
         $diff = 0;
-        for ($i = 0; $i < StringHelper::byteLength($actual); $i++) {
+        for ($i = 0, $length = StringHelper::byteLength($actual); $i < $length; $i++) {
             $diff |= (ord($actual[$i]) ^ ord($expected[$i]));
         }
         return $diff === 0;
--
libgit2 0.27.1