mirror of
https://github.com/postgres/postgres.git
synced 2025-08-30 06:01:21 +03:00
74a308cf52
Use the explicit_bzero() function in places where it is important that security information such as passwords is cleared from memory. There might be other places where it could be useful; this is just an initial collection. For platforms that don't have explicit_bzero(), provide various fallback implementations. (explicit_bzero() itself isn't standard, but as Linux/glibc, FreeBSD, and OpenBSD have it, it's the most common spelling, so it makes sense to make that the invocation point.) Discussion: https://www.postgresql.org/message-id/flat/42d26bde-5d5b-c90d-87ae-6cab875f73be%402ndquadrant.com
src/port/README
libpgport
=========
libpgport must have special behavior. It supplies functions to both
libraries and applications. However, there are two complexities:
1) Libraries need to use object files that are compiled with exactly
the same flags as the library. libpgport might not use the same flags,
so it is necessary to recompile the object files for individual
libraries. This is done by removing -lpgport from the link line:
# Need to recompile any libpgport object files
LIBS := $(filter-out -lpgport, $(LIBS))
and adding infrastructure to recompile the object files:
OBJS= execute.o typename.o descriptor.o data.o error.o prepare.o memory.o \
connect.o misc.o path.o exec.o \
$(filter strlcat.o, $(LIBOBJS))
The problem is that there is no testing of which object files need to be
added, but missing functions usually show up when linking user
applications.
2) For applications, we use -lpgport before -lpq, so the static files
from libpgport are linked first. This avoids having applications
dependent on symbols that are _used_ by libpq, but not intended to be
exported by libpq. libpq's libpgport usage changes over time, so such a
dependency is a problem. Windows, Linux, and macOS use an export list to
control the symbols exported by libpq.