Home > mailing lists

Re: using explicit_bzero - Mailing list pgsql-hackers

From	Michael Paquier
Subject	Re: using explicit_bzero
Date	July 11, 2019 04:11:45
Msg-id	20190711011145.GE4500@paquier.xyz Whole thread Raw
In response to	Re: using explicit_bzero (Michael Paquier <michael@paquier.xyz>)
Responses	Re: using explicit_bzero (Peter Eisentraut <peter.eisentraut@2ndquadrant.com>)
List	pgsql-hackers

Tree view

On Mon, Jun 24, 2019 at 02:08:50PM +0900, Michael Paquier wrote:
> CreateRole() and AlterRole() can manipulate a password in plain format
> in memory.  The cleanup could be done just after calling
> encrypt_password() in user.c.
>
> Could it be possible to add the new flag in pg_config.h.win32?

While remembering about it...  Shouldn't the memset(0) now happening in
base64.c for the encoding and encoding routines when facing a failure
use explicit_zero()?
--
Michael

Attachment

signature.asc

pgsql-hackers by date:

From: Michael Paquier
Date: 11 July 2019, 03:55:01
Subject: Re: [sqlsmith] Crash in mcv_get_match_bitmap

From: Robert Haas
Date: 11 July 2019, 05:23:55
Subject: Re: progress report for ANALYZE

Re: using explicit_bzero - Mailing list pgsql-hackers

Attachment

Previous

Next