rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use explicit_bzero() when clearing sslpassword in libpq 

Since 74a308c, any security-sensitive information gets cleared from
memory this way.  This was forgotten in 4dc6355.

Author: Daniel Gustafsson
Reviewed-by: Peter Eisentraut, Michael Paquier
Discussion: https://postgr.es/m/935443BA-D42E-4CE0-B181-1AD79E6DD45A@yesql.se
This commit is contained in:
Michael Paquier 2020-05-21 15:49:20 +09:00
parent d2a9959907
commit e4db972ed5
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/interfaces/libpq/fe-connect.c
View File

@ -4037,7 +4037,10 @@ freePGconn(PGconn *conn)
if (conn->sslkey)
free(conn->sslkey);
if (conn->sslpassword)
{
explicit_bzero(conn->sslpassword, strlen(conn->sslpassword));
free(conn->sslpassword);
}
if (conn->sslrootcert)
free(conn->sslrootcert);
if (conn->sslcrl)