Re: PROPOSAL: make PostgreSQL sanitizers-friendly (and prevent information disclosure)

On 03/21/2016 06:08 AM, Aleksander Alekseev wrote:

> As you may see there are "holes" that were in fact not filled. Under
> normal conditions they will be filled with data previously stored on
> stack which could be anything including passwords and other private
> data. Afterwards this structure is written to disk where potentially
> someone who not supposed to see this data may see it.
> 
> I realize this is not a big problem in practice.

Well, the documentation already says to avoid it:

http://www.postgresql.org/docs/current/static/xfunc-c.html
  Another important point is to avoid leaving any uninitialized  bits within data type values; for example, take care
tozero out  any alignment padding bytes that might be present in structs.
 

so I don't think what you're suggesting would be controversial
at all; it looks like what you've done is found a(t least one)
bug where the documented practice wasn't followed, and it's good
to find any such places.

-Chap