From e193fbcf04833de829069b5e737a27b83c667703 Mon Sep 17 00:00:00 2001
From: Peter Eisentraut
Date: Sun, 23 Jun 2019 21:53:14 +0200
Subject: [PATCH v2] Use explicit_bzero
---
 configure | 2 +-
 configure.in | 1 +
 src/backend/libpq/be-secure-common.c | 1 +
 src/include/pg_config.h.in | 3 +++
 src/include/port.h | 4 ++++
 src/interfaces/libpq/fe-connect.c | 8 ++++++++
 6 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/configure b/configure
index 8d47071e4a..c88153fff5 100755
--- a/configure
+++ b/configure
@@ -15176,7 +15176,7 @@ fi LIBS_including_readline="$LIBS" LIBS=`echo "$LIBS" | sed -e 's/-ledit//g' -e 's/-lreadline//g'` -for ac_func in cbrt clock_gettime copyfile fdatasync getifaddrs getpeerucred getrlimit mbstowcs_l memmove poll posix_fallocate ppoll pstat pthread_is_threaded_np readlink setproctitle setproctitle_fast setsid shm_open strchrnul strsignal symlink sync_file_range uselocale utime utimes wcstombs_l +for ac_func in cbrt clock_gettime copyfile explicit_bzero fdatasync getifaddrs getpeerucred getrlimit mbstowcs_l memmove poll posix_fallocate ppoll pstat pthread_is_threaded_np readlink setproctitle setproctitle_fast setsid shm_open strchrnul strsignal symlink sync_file_range uselocale utime utimes wcstombs_l do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
diff --git a/configure.in b/configure.in
index 74938d4190..7e96d1d419 100644
--- a/configure.in
+++ b/configure.in
@@ -1615,6 +1615,7 @@ AC_CHECK_FUNCS(m4_normalize([
 cbrt
 clock_gettime
 copyfile
+ explicit_bzero
 fdatasync
 getifaddrs
 getpeerucred
diff --git a/src/backend/libpq/be-secure-common.c b/src/backend/libpq/be-secure-common.c
index 877226d377..4c1c6cb3c4 100644
--- a/src/backend/libpq/be-secure-common.c
+++ b/src/backend/libpq/be-secure-common.c
@@ -118,6 +118,7 @@ run_ssl_passphrase_command(const char *prompt, bool is_server_start, char *buf,
 buf[--len] = '\0';
 error:
+ explicit_bzero(buf, size);
 pfree(command.data);
 return len;
 }
diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in
index 6cd4cfed0a..0062a4a426 100644
--- a/src/include/pg_config.h.in
+++ b/src/include/pg_config.h.in
@@ -201,6 +201,9 @@
 /* Define to 1 if you have the header file. */
 #undef HAVE_EDITLINE_READLINE_H
+/* Define to 1 if you have the `explicit_bzero' function. */
+#undef HAVE_EXPLICIT_BZERO
+
 /* Define to 1 if you have the `fdatasync' function. */
 #undef HAVE_FDATASYNC
diff --git a/src/include/port.h b/src/include/port.h
index b5c03d912b..7c8b5138ba 100644
--- a/src/include/port.h
+++ b/src/include/port.h
@@ -381,6 +381,10 @@ extern int isinf(double x);
 #endif /* __clang__ && !__cplusplus */
 #endif /* !HAVE_ISINF */
+#ifndef HAVE_EXPLICIT_BZERO
+#define explicit_bzero(b, len) memset(b, 0, len)
+#endif
+
 #ifndef HAVE_STRTOF
 extern float strtof(const char *nptr, char **endptr);
 #endif
diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c
index c800d7921e..887b8f6775 100644
--- a/src/interfaces/libpq/fe-connect.c
+++ b/src/interfaces/libpq/fe-connect.c
@@ -3884,7 +3884,10 @@ freePGconn(PGconn *conn)
 if (conn->connhost[i].port != NULL)
 free(conn->connhost[i].port);
 if (conn->connhost[i].password != NULL)
+ {
+ explicit_bzero(conn->connhost[i].password, strlen(conn->connhost[i].password));
 free(conn->connhost[i].password);
+ }
 }
 free(conn->connhost);
 }
@@ -3918,7 +3921,10 @@ freePGconn(PGconn *conn)
 if (conn->pguser)
 free(conn->pguser);
 if (conn->pgpass)
+ {
+ explicit_bzero(conn->pgpass, strlen(conn->pgpass));
 free(conn->pgpass);
+ }
 if (conn->pgpassfile)
 free(conn->pgpassfile);
 if (conn->keepalives)
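Review bot: The added `explicit_bzero(buf, size);` sits directly under the `error:` label in run_ssl_passphrase_command, and as far as this hunk shows the success path falls through that label after `buf[--len] = '\0';`, so the passphrase would be wiped before `return len;` hands it back to the caller. The function body starts outside the hunk, so the control flow should be confirmed, but if it is as it appears the caller receives a non-zero length with an all-zero buffer. The wipe belongs in each failure branch, ahead of its jump to `error:`, rather than at the shared exit. A comment at the label such as `/* buf is the caller's output on success; do not clear it here */` would record why.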
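Review bot: The fallback in src/include/port.h, `#define explicit_bzero(b, len) memset(b, 0, len)`, gives no guarantee on platforms that lack the function, because a `memset` of memory that is about to be freed or go out of scope is a dead store the optimizer may remove. That is the shape of every call this patch adds in fe-connect.c: wipe then `free` in both freePGconn hunks, wipe then `return` in passwordFromFile. On such builds the wipe can silently disappear while the source still reads as if secrets were cleared. A real fallback function the compiler cannot see through keeps the behaviour uniform, for example calling memset through a volatile function pointer as sketched below; port.h would then carry only the prototype and the definition would live in a port source file.

```c
#ifndef HAVE_EXPLICIT_BZERO
extern void explicit_bzero(void *buf, size_t len);
#endif

/* fallback definition, compiled only when HAVE_EXPLICIT_BZERO is not set */
/* the volatile pointer must be re-read at each call, so the store cannot be elided */
static void *(*volatile memset_func) (void *, int, size_t) = memset;

void
explicit_bzero(void *buf, size_t len)
{
	memset_func(buf, 0, len);
}
```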
@@ -6935,6 +6941,7 @@ passwordFromFile(const char *hostname, const char *port, const char *dbname,
 if (!ret)
 {
 /* Out of memory. XXX: an error message would be nice. */
+ explicit_bzero(buf, sizeof(buf));
 return NULL;
 }
@@ -6951,6 +6958,7 @@ passwordFromFile(const char *hostname, const char *port, const char *dbname,
 }
 fclose(fp);
+ explicit_bzero(buf, sizeof(buf));
 return NULL;
 #undef LINELEN
base-commit: 1323bfce55109dd54ee164828aab7983d3020a25
--
2.22.0
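Review bot: Both wipes added to passwordFromFile sit on `return NULL` paths (out of memory in this hunk, no match in the hunk at -6951), while the path that returns the matched password lies between the two hunks and is not shown. If that path returns `ret` without clearing `buf`, the line holding the password stays on the stack in the one case where it certainly contains a real secret. Assuming `ret` is a separate allocation, as the out-of-memory comment suggests, placing `explicit_bzero(buf, sizeof(buf));` ahead of the `if (!ret)` test would cover both outcomes with one call. The stdio buffer behind `fp` presumably also holds file contents that `fclose` does not clear, which is worth a comment such as `/* stdio's own buffer is not wiped */` so the wipe is not read as complete.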