Re: using explicit_bzero

Поиск
Список
Период
Сортировка
От Thomas Munro
Тема Re: using explicit_bzero
Дата
Msg-id CA+hUKGL2mmC43Oe2DouyvvEOmoKCGu82n7+oQ_jznCLwM15DZw@mail.gmail.com
обсуждение исходный текст
Ответ на Re: using explicit_bzero  (Peter Eisentraut <peter.eisentraut@2ndquadrant.com>)
Ответы Re: using explicit_bzero
Список pgsql-hackers
Дерево обсуждения 
On Mon, Jun 24, 2019 at 7:57 AM Peter Eisentraut
<peter.eisentraut@2ndquadrant.com> wrote:
> On 2019-06-23 21:55, Peter Eisentraut wrote:
> > On 2019-06-21 15:25, Tom Lane wrote:
> >> years ago (067a5cdb3).  Please use memset() for the substitute instead.
> >
> > OK, done.

+#ifndef HAVE_EXPLICIT_BZERO
+#define explicit_bzero(b, len) memset(b, 0, len)
+#endif

I noticed some other libraries use memset through a function pointer
or at least define a function the compiler can't see.

> and with patch attached

The ssl tests fail:

FATAL:  could not load private key file "server-password.key": bad decrypt

That's apparently due to the passphrase being clobbered in the output
buffer before we've managed to use it:

@@ -118,6 +118,7 @@ run_ssl_passphrase_command(const char *prompt,
bool is_server_start, char *buf,
                buf[--len] = '\0';

 error:
+       explicit_bzero(buf, size);
        pfree(command.data);
        return len;
 }

-- 
Thomas Munro
https://enterprisedb.com

В списке pgsql-hackers по дате отправления: