Re: using explicit_bzero

Peter Eisentraut <peter.eisentraut@2ndquadrant.com>

From: Peter Eisentraut <peter.eisentraut@2ndquadrant.com>
To: Michael Paquier <michael@paquier.xyz>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2019-07-22T18:11:29Z
Lists: pgsql-hackers
On 2019-07-11 03:11, Michael Paquier wrote:
> On Mon, Jun 24, 2019 at 02:08:50PM +0900, Michael Paquier wrote:
>> CreateRole() and AlterRole() can manipulate a password in plain format
>> in memory.  The cleanup could be done just after calling
>> encrypt_password() in user.c.
>>
>> Could it be possible to add the new flag in pg_config.h.win32?
> 
> While remembering about it...  Shouldn't the memset(0) now happening in
> base64.c for the encoding and encoding routines when facing a failure
> use explicit_zero()?

base64.c doesn't know what the data it is dealing with is used for.
That should be the responsibility of the caller, no?

-- 
Peter Eisentraut              http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services



Commits

  1. Use explicit_bzero