On 2019-07-18 00:45, Tom Lane wrote:
> Alvaro Herrera <alvhe...@2ndquadrant.com> writes:
>> On 2019-Jul-11, Thomas Munro wrote:
>>> Following a trail of crumbs beginning at OpenSSH's fallback
>>> implementation of this[1], I learned that C11 has standardised
>>> memset_s[2] for this purpose. Macs have memset_s but no
>>> explicit_bzero. FreeBSD has both. I wonder if it'd be better to make
>>> memset_s the function we use in our code, considering its standard
>>> blessing and therefore likelihood of being available on every system
>>> eventually.
>
>> Sounds like a future-proof way would be to implement memset_s in
>> src/port if absent from the OS (using explicit_bzero and other tricks),
>> and use that.
>
> +1 for using the C11-standard name, even if that's not anywhere
> in the real world yet.

ISTM that a problem is that you cannot implement a replacement
memset_s() as a wrapper around explicit_bzero(), unless you also want to
implement the bound checking stuff. (The "s"/safe in this family of
functions refers to the bound checking, not the cannot-be-optimized-away
property.) The other way around it is easier.

Also, the "s" family of functions appears to be a quagmire of
controversy and incompatibility, so it's perhaps better to stay away
from it for the time being.

-- 
Peter Eisentraut              http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
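
The asymmetry described in the message above, as an added example that is not part of the original e-mail or of PostgreSQL's code. The names port_explicit_bzero, sketch_memset_s and SKETCH_RSIZE_MAX are hypothetical, and the memset_s stand-in is deliberately simplified (it returns an error code and does not call the Annex K constraint handler).

```c
#define __STDC_WANT_LIB_EXT1__ 1  /* request Annex K; must precede <string.h> */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumption: stand-in for RSIZE_MAX, which most libcs do not define. */
#define SKETCH_RSIZE_MAX (SIZE_MAX >> 1)

/* A call through a volatile pointer cannot be proven to be plain memset,
 * so the compiler may not drop it as a dead store. */
static void *(*volatile memset_ptr)(void *, int, size_t) = memset;

/* Easy direction: explicit_bzero semantics on top of memset_s. */
void port_explicit_bzero(void *buf, size_t len)
{
    if (buf == NULL || len == 0)
        return;
#ifdef __STDC_LIB_EXT1__
    /* smax == n, so the "n > smax" runtime constraint cannot fire. */
    (void) memset_s(buf, len, 0, len);
#else
    memset_ptr(buf, 0, len);
#endif
}

/* Hard direction: a memset_s stand-in also owes the caller the bound
 * checks. Simplified: returns EINVAL instead of invoking the Annex K
 * constraint handler, so it is not a conforming memset_s. */
int sketch_memset_s(void *s, size_t smax, int c, size_t n)
{
    int violation = 0;

    if (s == NULL || smax > SKETCH_RSIZE_MAX)
        return EINVAL;          /* no region that is safe to write */
    if (n > SKETCH_RSIZE_MAX || n > smax) {
        violation = 1;
        n = smax;               /* Annex K: still fill all smax bytes */
    }
    memset_ptr(s, c, n);
    return violation ? EINVAL : 0;
}
```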