Use explicit_bzero

Enterprise / PostgreSQL - Peter Eisentraut [eisentraut.org] - 5 September 2019 06:30 EDT

Use the explicit_bzero() function in places where it is important that security information such as passwords is cleared from memory. There might be other places where it could be useful; this is just an initial collection.

For platforms that don't have explicit_bzero(), provide various fallback implementations. (explicit_bzero() itself isn't standard, but as Linux/glibc, FreeBSD, and OpenBSD have it, it's the most common spelling, so it makes sense to make that the invocation point.)

Discussion: https://www.postgresql.org/message-id/flat/42d26bde-5d5b-c90d-87ae-6cab875f73be%402ndquadrant.com

74a308cf52 Use explicit_bzero
configure | 15 +++++++++-
configure.in | 2 ++
src/backend/libpq/be-secure-common.c | 3 ++
src/include/pg_config.h.in | 6 ++++
src/include/pg_config.h.win32 | 6 ++++
src/include/port.h | 4 +++
src/interfaces/libpq/fe-connect.c | 8 ++++++
src/port/explicit_bzero.c | 55 ++++++++++++++++++++++++++++++++++++
src/tools/msvc/Mkvcbuild.pm | 2 +-
9 files changed, 99 insertions(+), 2 deletions(-)

Upstream: git.postgresql.org


  • Share