database/postgres
database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-05-01 01:04:50 +03:00
Code

Use explicit_bzero() when clearing sslpassword in libpq

Browse Source 
Since 74a308c, any security-sensitive information gets cleared from
memory this way.  This was forgotten in 4dc6355.

Author: Daniel Gustafsson
Reviewed-by: Peter Eisentraut, Michael Paquier
Discussion: https://postgr.es/m/935443BA-D42E-4CE0-B181-1AD79E6DD45A@yesql.se
This commit is contained in:
Michael Paquier 2020-05-21 15:49:20 +09:00
parent d2a9959907
commit e4db972ed5
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/interfaces/libpq/fe-connect.c
View File

@ -4037,7 +4037,10 @@ freePGconn(PGconn *conn)
if (conn->sslkey) if (conn->sslkey)
free(conn->sslkey); free(conn->sslkey);
if (conn->sslpassword) if (conn->sslpassword)
{
explicit_bzero(conn->sslpassword, strlen(conn->sslpassword));
free(conn->sslpassword); free(conn->sslpassword);
}
if (conn->sslrootcert) if (conn->sslrootcert)
free(conn->sslrootcert); free(conn->sslrootcert);
if (conn->sslcrl) if (conn->sslcrl)