From: | Chapman Flack <chap(at)anastigmatix(dot)net> |
---|---|
To: | Aleksander Alekseev <a(dot)alekseev(at)postgrespro(dot)ru>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: PROPOSAL: make PostgreSQL sanitizers-friendly (and prevent information disclosure) |
Date: | 2016-03-21 13:12:39 |
Message-ID: | 56EFF347.20500@anastigmatix.net |
Lists: | pgsql-hackers |

On 03/21/2016 06:08 AM, Aleksander Alekseev wrote:
> As you may see there are "holes" that were in fact not filled. Under
> normal conditions they will be filled with data previously stored on
> stack which could be anything including passwords and other private
> data. Afterwards this structure is written to disk where potentially
> someone who is not supposed to see this data may see it.
>
> I realize this is not a big problem in practice.

Well, the documentation already says to avoid it:

http://www.postgresql.org/docs/current/static/xfunc-c.html

  Another important point is to avoid leaving any uninitialized
  bits within data type values; for example, take care to zero out
  any alignment padding bytes that might be present in structs.

so I don't think what you're suggesting would be controversial
at all; it looks like what you've done is found a(t least one)
bug where the documented practice wasn't followed, and it's good
to find any such places.

-Chap
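
The padding "holes" discussed in this message, shown as an added example that is not part of the original thread and is not PostgreSQL code: the `Record` struct, the `STALE` fill byte and all function names are hypothetical, and the memory is pre-filled explicitly so that no uninitialized read is needed to show the effect.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical on-disk record (not a PostgreSQL struct). On common ABIs the
 * compiler inserts alignment padding after `kind` and after `flags`. */
typedef struct { char kind; int32_t id; int16_t flags; } Record;

#define STALE 0xAA  /* constructed stand-in for whatever the memory held before */
#define IN_FIELD(i, f) ((i) >= offsetof(Record, f) && \
                        (i) < offsetof(Record, f) + sizeof(((Record *) 0)->f))

/* 1 if byte offset i belongs to no field, i.e. it is padding. */
static int is_padding(size_t i)
{
    return !(IN_FIELD(i, kind) || IN_FIELD(i, id) || IN_FIELD(i, flags));
}

size_t padding_bytes(void)
{
    size_t n = 0;
    for (size_t i = 0; i < sizeof(Record); i++)
        n += (size_t) is_padding(i);
    return n;
}

/* Build a Record in memory that previously held other data, then count the
 * padding bytes still carrying that data. zero_first=1 follows the documented
 * practice: clear the whole struct before assigning its fields. */
size_t stale_padding(int zero_first)
{
    unsigned char *mem = malloc(sizeof(Record));
    size_t n = 0;
    if (mem == NULL)
        abort();
    memset(mem, STALE, sizeof(Record));       /* simulate previous contents */
    Record *r = (Record *) mem;
    if (zero_first)
        memset(r, 0, sizeof(*r));             /* zeroes the padding too */
    r->kind = 'x'; r->id = 42; r->flags = 7;  /* field stores skip the holes */
    for (size_t i = 0; i < sizeof(Record); i++)   /* what a raw write() emits */
        n += (size_t) (is_padding(i) && mem[i] == STALE);
    free(mem);
    return n;
}

int main(void)
{
    printf("padding=%zu field-only=%zu zeroed=%zu\n",
           padding_bytes(), stale_padding(0), stale_padding(1));
    return 0;
}
```

Sanitizers such as MemorySanitizer or Valgrind flag the field-only variant when the whole struct is later written out, which is why zeroing first also makes the code sanitizer-friendly.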