On 2019-07-18 00:45, Tom Lane wrote:
> Alvaro Herrera <alvherre@2ndquadrant.com> writes:
>> On 2019-Jul-11, Thomas Munro wrote:
>>> Following a trail of crumbs beginning at OpenSSH's fallback
>>> implementation of this[1], I learned that C11 has standardised
>>> memset_s[2] for this purpose. Macs have memset_s but no
>>> explicit_bzero. FreeBSD has both. I wonder if it'd be better to make
>>> memset_s the function we use in our code, considering its standard
>>> blessing and therefore likelihood of being available on every system
>>> eventually.
>
>> Sounds like a future-proof way would be to implement memset_s in
>> src/port if absent from the OS (using explicit_bzero and other tricks),
>> and use that.
>
> +1 for using the C11-standard name, even if that's not anywhere
> in the real world yet.

ISTM that a problem is that you cannot implement a replacement
memset_s() as a wrapper around explicit_bzero(), unless you also want to
implement the bound checking stuff. (The "s"/safe in this family of
functions refers to the bound checking, not the cannot-be-optimized-away
property.) The other way around it is easier.

Also, the "s" family of functions appears to be a quagmire of
controversy and incompatibility, so it's perhaps better to stay away
from it for the time being.

--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
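
The asymmetry described in the message above, as an added example that is not part of the original post or of PostgreSQL's code: a memset_s() replacement has to enforce the C11 Annex K runtime constraints in addition to the store that cannot be optimized away, while explicit_bzero() semantics fall out of memset_s() in one line. The names `sketch_memset_s`, `sketch_explicit_bzero` and `SKETCH_RSIZE_MAX` are hypothetical, and the volatile function pointer is one common technique for keeping the store, assumed here rather than taken from the thread.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed bound: Annex K leaves the value of RSIZE_MAX to the implementation. */
#define SKETCH_RSIZE_MAX (SIZE_MAX >> 1)

/* Calling memset through a volatile pointer stops the compiler from
 * proving the store dead and deleting it. */
static void *(*const volatile memset_ptr)(void *, int, size_t) = memset;

/*
 * Hypothetical stand-in for memset_s().  On top of the non-elidable store
 * it has to check the Annex K runtime constraints.  The constraint-handler
 * call that Annex K also requires is left out of this sketch.
 */
int
sketch_memset_s(void *s, size_t smax, int c, size_t n)
{
    if (s == NULL || smax > SKETCH_RSIZE_MAX)
        return EINVAL;          /* violation, and nothing is safe to write */
    if (n > smax)
    {
        memset_ptr(s, c, smax); /* violation: fill the first smax bytes */
        return EINVAL;          /* the standard only says "nonzero" */
    }
    memset_ptr(s, c, n);
    return 0;
}

/* The easy direction: explicit_bzero() semantics on top of memset_s(). */
void
sketch_explicit_bzero(void *buf, size_t len)
{
    (void) sketch_memset_s(buf, len, 0, len);
}
```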