return Ints.saturatedCast(sum);
  }

  /*
   * We override the toArray methods for two reasons:
   *
   * 1. Both superclass toArray methods assume that size() gives a correct answer, while our size()
   * might not (and the answer might change while we're building the array).
   *
   * TODO: cpovirk - Is this an issue anywhere anymore? It looks to have been fixed for Java 8

                intent: 'Analyzing question...',
                search: 'Searching documents...',
                evaluate: 'Evaluating results...',
                fetch: 'Retrieving content...',
                answer: 'Generating answer...'
            },
            errors: {
                rate_limit: 'It\'s currently busy. Please wait a moment and try again.',

    return Ints.saturatedCast(sum);
  }

  /*
   * We override the toArray methods for two reasons:
   *
   * 1. Both superclass toArray methods assume that size() gives a correct answer, while our size()
   * might not (and the answer might change while we're building the array).
   *
   * TODO: cpovirk - Is this an issue anywhere anymore? It looks to have been fixed for Java 8

## Mark GitHub Discussions Answers

When a question in GitHub Discussions has been answered, mark the answer by clicking "Mark as answer".

        sum += value;
      }
      return Ints.saturatedCast(sum);
    }

    /*
     * Note: the superclass toArray() methods assume that size() gives a correct
     * answer, which ours does not.
     */

    @Override
    public Object[] toArray() {
      return snapshot().toArray();
    }

    @Override
    public <T> T[] toArray(T[] array) {

		18: {bucketName: bucket, objName: object, inputData: nilBytes, inputMeta: map[string]string{"answer": "42"}, inputDataSize: int64(len(nilBytes)), expectedMd5: getMD5Hash(nilBytes)},

    ...
```

Python은 두 문자열이 같지 않다는 것을 알아차리기 전까지 `stanleyjobsox`와 `stanleyjobson` 양쪽의 `stanleyjobso` 전체를 비교해야 합니다. 그래서 "Incorrect username or password"라고 응답하기까지 추가로 몇 마이크로초가 더 걸릴 것입니다.

#### 응답 시간은 공격자에게 도움이 됩니다 { #the-time-to-answer-helps-the-attackers }

이 시점에서 서버가 "Incorrect username or password" 응답을 보내는 데 몇 마이크로초 더 걸렸다는 것을 알아채면, 공격자들은 _무언가_ 맞았다는 것(초기 몇 글자가 맞았다는 것)을 알게 됩니다.

그리고 `johndoe`보다는 `stanleyjobsox`에 더 가까운 값을 시도해야 한다는 것을 알고 다시 시도할 수 있습니다.

            }

            if (intentResult.getIntent() == ChatIntent.UNCLEAR) {
                // Unclear intent - generate answer with empty documents to ask for clarification
                final LlmChatResponse llmResponse = llmClientManager.generateAnswer(userMessage, Collections.emptyList(), history);

def is_cygwin():
  return platform.system().startswith('CYGWIN_NT')


def get_input(question):
  try:
    try:
      answer = raw_input(question)
    except NameError:
      answer = input(question)  # pylint: disable=bad-builtin
  except EOFError:
    answer = ''
  return answer


def symlink_force(target, link_name):
  """Force symlink, equivalent of 'ln -sf'.

  Args:
    target: items to link to.

if "stanleyjobsox" == "stanleyjobson" and "love123" == "swordfish":
    ...
```

此时，Python 要对比 `stanleyjobsox` 与 `stanleyjobson` 中的 `stanleyjobso`，才能知道这两个字符串不一样。因此会多花费几微秒来返回**错误的用户或密码**。

#### 反应时间对攻击者的帮助 { #the-time-to-answer-helps-the-attackers }

通过服务器花费了更多微秒才发送**错误的用户或密码**响应，攻击者会知道猜对了一些内容，起码开头字母是正确的。

然后，他们就可以放弃 `johndoe`，再用类似 `stanleyjobsox` 的内容进行尝试。

#### **专业**攻击 { #a-professional-attack }