Use explicit_bzero
Use the explicit_bzero() function in places where it is important that
security information such as passwords is cleared from memory. There
might be other places where it could be useful; this is just an
initial collection.
For platforms that don't have explicit_bzero(), provide various
fallback implementations. (explicit_bzero() itself isn't standard,
but as Linux/glibc, FreeBSD, and OpenBSD have it, it's the most common
spelling, so it makes sense to make that the invocation point.)
Discussion: https://www.postgresql.org/message-id/flat/42d26bde-5d5b-c90d-87ae-6cab875f73be%402ndquadrant.com
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/74a308cf5221f491776fcdb4dc36eb61678dbc6f
Modified Files
--------------
configure | 15 +++++++++-
configure.in | 2 ++
src/backend/libpq/be-secure-common.c | 3 ++
src/include/pg_config.h.in | 6 ++++
src/include/pg_config.h.win32 | 6 ++++
src/include/port.h | 4 +++
src/interfaces/libpq/fe-connect.c | 8 ++++++
src/port/explicit_bzero.c | 55 ++++++++++++++++++++++++++++++++++++
src/tools/msvc/Mkvcbuild.pm | 2 +-
9 files changed, 99 insertions(+), 2 deletions(-)