oss-sec mailing list archives
Re: Possible memory leak on getspnam / getspnam_r
From: "Jean D'Elboux" <j () bsd com br>
Date: Wed, 25 Aug 2021 17:11:43 -0300
Thanks for your email Travis.
Alternatively, a new function cleanup_and_zeroize_caches() could added. A user could call this after fork().
Yes, I've suggested something similar as an alternative (please check NB at the end of my email).
Of course, introducing a new function complicates the APIs and requires developers to add them. Also, to support multiple versions of libraries, developers would need to protect the call with an '#ifdef SUPPORTS_NEW_FUNCTION'.
In order to avoid more complexity to the API, instead of creating a new function, endspent() could be bzero() internal buffer, since the user is expressing he/she is done processing when calling it.
Current thread:
- Possible memory leak on getspnam / getspnam_r Jean Diogo (Aug 25)
- Re: Possible memory leak on getspnam / getspnam_r Travis Finkenauer (Aug 25)
- Message not available
- Re: Possible memory leak on getspnam / getspnam_r Jean D'Elboux (Aug 26)
- Message not available
- Re: Possible memory leak on getspnam / getspnam_r Travis Finkenauer (Aug 25)
- Re: Possible memory leak on getspnam / getspnam_r Solar Designer (Sep 06)