On Mon, Jun 24, 2019 at 7:57 AM Peter Eisentraut
<peter.eisentr...@2ndquadrant.com> wrote:
> On 2019-06-23 21:55, Peter Eisentraut wrote:
> > On 2019-06-21 15:25, Tom Lane wrote:
> >> years ago (067a5cdb3). Please use memset() for the substitute instead.
> >
> > OK, done.
+#ifndef HAVE_EXPLICIT_BZERO
+#define explicit_bzero(b, len) memset(b, 0, len)
+#endif
I noticed some other libraries use memset through a function pointer
or at least define a function the compiler can't see.
> and with patch attached
The ssl tests fail:
FATAL: could not load private key file "server-password.key": bad decrypt
That's apparently due to the passphrase being clobbered in the output
buffer before we've managed to use it:
@@ -118,6 +118,7 @@ run_ssl_passphrase_command(const char *prompt,
bool is_server_start, char *buf,
buf[--len] = '\0';
error:
+ explicit_bzero(buf, size);
pfree(command.data);
return len;
}
--
Thomas Munro
https://enterprisedb.com
