postgresql-interfaces/psqlodbc GitHub issues and pull requests (mirror)
help / color / mirror / Atom feedFrom: faviansamatha (@faviansamatha) <[email protected]>
To: postgresql-interfaces/psqlodbc <[email protected]>
Subject: [postgresql-interfaces/psqlodbc] PR #105: chore: change memset to memset_s/SecureZeroMemory
Date: Wed, 09 Apr 2025 23:50:28 +0000
Message-ID: <[email protected]> (raw)
`memset` can be declared as "unsafe" because compiler optimizations could remove it from the program. This is especially problematic when we rely on it to clear out data containing sensitive information such as password.
This PR changes the calls against for `memset` to `pg_memset` and it does this differently depending on UNIX and Windows.
UNIX: Change `memset` to use `memset_s`. `memset_s` is guaranteed to not be optimized away by the compiler.
Windows: Windows cannot use `memset_s` because it is an optional function in C11 and MSVC does not provide an implementation for it. In order to mitigate this, we can use SecureZeroMemory instead.
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: github://postgresql-interfaces/psqlodbc
Cc: [email protected], [email protected]
Subject: Re: [postgresql-interfaces/psqlodbc] PR #105: chore: change memset to memset_s/SecureZeroMemory
In-Reply-To: <<[email protected]>>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox