#include <iostream>

bool password_equals(const std::string &s1,const std::string &s2){
	// originally i wanted this as a 3rd parameter, but then it could easily
	// be misused by the caller, and leak the password length 
	// (if the caller did max_length = MAX(s1.length(),s2.length()) on the hacker's input)
	const int max_length=500;
	// TODO: should probably throw a runtime_error or something if either input.length() > max_length
	char s1c[max_length]={0};
	char s2c[max_length]={0};
	s1.copy(&s1c[0],max_length);
	s2.copy(&s2c[0],max_length);
	int result=0;
	for (int i = 0; i < max_length; ++i) {
		result |= s1c[i] ^ s2c[i];
	}
	return (result==0);
}
 
int main() {
	// your code goes here
	std::cout << password_equals("yup","yup") << " - " << password_equals("yup","nope");
	return 0;
}