hash_equals(): Avoid division by zero when $known_string is empty
Per Tim Starling's review of Icb239471, reverted back to the version of
the function from Patch Set 1 of Iece006ec, which did not have the bug.
This version does not attempt to minimize the inevitable leakage of the
Also revised the doc comment to explain more effectively what the problem
with a normal (===) string comparison is for the use cases of this function.
(cherry picked from commit 4620e3b862568d76661e86857779795f4f974e13)