Re: explicit_bzero for sslpassword - Mailing list pgsql-hackers

From Michael Paquier
Subject Re: explicit_bzero for sslpassword
Date
Msg-id 20200520055650.GD2355@paquier.xyz
Whole thread Raw
In response to explicit_bzero for sslpassword  (Daniel Gustafsson <daniel@yesql.se>)
Responses Re: explicit_bzero for sslpassword
List pgsql-hackers
On Tue, May 19, 2020 at 02:33:40PM +0200, Daniel Gustafsson wrote:
> Since commit 74a308cf5221f we use explicit_bzero on pgpass and connhost
> password in libpq, but not sslpassword which seems an oversight.  The attached
> performs an explicit_bzero before freeing like the pattern for other password
> variables.

Good catch, let's fix that.  I would like to apply your suggested fix,
but let's see first if others have any comments.
--
Michael

Attachment

pgsql-hackers by date:

Previous
From: Michael Paquier
Date:
Subject: Re: SyncRepLock acquired exclusively in default configuration
Next
From: Michael Paquier
Date:
Subject: Re: Expand the use of check_canonical_path() for more GUCs