| From: | Michael Paquier <michael(at)paquier(dot)xyz> |
|---|---|
| To: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: using explicit_bzero |
| Date: | 2019-06-24 05:08:50 |
| Message-ID: | 20190624050850.GE1637@paquier.xyz |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Sun, Jun 23, 2019 at 09:57:18PM +0200, Peter Eisentraut wrote:
> On 2019-06-23 21:55, Peter Eisentraut wrote:
>> On 2019-06-21 15:25, Tom Lane wrote:
>>> Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> writes:
>>>> +#ifndef HAVE_EXPLICIT_BZERO
>>>> +#define explicit_bzero(b, len) bzero(b, len)
>>>> +#endif
>>>
>>> This presumes that every platform has bzero, which is unsafe (POSIX
>>> doesn't specify it) and is an assumption we kicked to the curb a dozen
>>> years ago (067a5cdb3). Please use memset() for the substitute instead.
+1.
>> OK, done.
>
> and with patch attached
CreateRole() and AlterRole() can manipulate a password in plain format
in memory. The cleanup could be done just after calling
encrypt_password() in user.c.
Could it be possible to add the new flag in pg_config.h.win32?
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2019-06-24 05:10:28 | Re: using explicit_bzero |
| Previous Message | Michael Paquier | 2019-06-24 04:06:16 | Re: check_recovery_target_lsn() does a PG_CATCH without a throw |