mirror of
https://github.com/postgres/postgres.git
synced 2026-04-12 12:36:49 -04:00
74a308cf52
Use the explicit_bzero() function in places where it is important that security information such as passwords is cleared from memory. There might be other places where it could be useful; this is just an initial collection. For platforms that don't have explicit_bzero(), provide various fallback implementations. (explicit_bzero() itself isn't standard, but as Linux/glibc, FreeBSD, and OpenBSD have it, it's the most common spelling, so it makes sense to make that the invocation point.) Discussion: https://www.postgresql.org/message-id/flat/42d26bde-5d5b-c90d-87ae-6cab875f73be%402ndquadrant.com
55 lines
1 KiB
C
55 lines
1 KiB
C
/*-------------------------------------------------------------------------
|
|
*
|
|
* explicit_bzero.c
|
|
*
|
|
* Portions Copyright (c) 1996-2019, PostgreSQL Global Development Group
|
|
* Portions Copyright (c) 1994, Regents of the University of California
|
|
*
|
|
*
|
|
* IDENTIFICATION
|
|
* src/port/explicit_bzero.c
|
|
*
|
|
*-------------------------------------------------------------------------
|
|
*/
|
|
|
|
#include "c.h"
|
|
|
|
#if defined(HAVE_MEMSET_S)
|
|
|
|
void
|
|
explicit_bzero(void *buf, size_t len)
|
|
{
|
|
(void) memset_s(buf, len, 0, len);
|
|
}
|
|
|
|
#elif defined(WIN32)
|
|
|
|
void
|
|
explicit_bzero(void *buf, size_t len)
|
|
{
|
|
(void) SecureZeroMemory(buf, len);
|
|
}
|
|
|
|
#else
|
|
|
|
/*
|
|
* Indirect call through a volatile pointer to hopefully avoid dead-store
|
|
* optimisation eliminating the call. (Idea taken from OpenSSH.) We can't
|
|
* assume bzero() is present either, so for simplicity we define our own.
|
|
*/
|
|
|
|
static void
|
|
bzero2(void *buf, size_t len)
|
|
{
|
|
memset(buf, 0, len);
|
|
}
|
|
|
|
static void (* volatile bzero_p)(void *, size_t) = bzero2;
|
|
|
|
void
|
|
explicit_bzero(void *buf, size_t len)
|
|
{
|
|
bzero_p(buf, len);
|
|
}
|
|
|
|
#endif
|