Re: using explicit_bzero
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Peter Eisentraut <peter.eisentraut@2ndquadrant.com>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2019-07-11T01:11:45Z
Lists: pgsql-hackers
On Mon, Jun 24, 2019 at 02:08:50PM +0900, Michael Paquier wrote: > CreateRole() and AlterRole() can manipulate a password in plain format > in memory. The cleanup could be done just after calling > encrypt_password() in user.c. > > Could it be possible to add the new flag in pg_config.h.win32? While remembering about it... Shouldn't the memset(0) now happening in base64.c for the encoding and encoding routines when facing a failure use explicit_zero()? -- Michael
Commits
-
Use explicit_bzero
- 74a308cf5221 13.0 landed