From owner-svn-src-head@FreeBSD.ORG Mon Mar 30 16:03:24 2009 Return-Path: Delivered-To: svn-src-head@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D623C10656F3; Mon, 30 Mar 2009 16:03:24 +0000 (UTC) (envelope-from brooks@lor.one-eyed-alien.net) Received: from lor.one-eyed-alien.net (lor.one-eyed-alien.net [69.66.77.232]) by mx1.freebsd.org (Postfix) with ESMTP id 756E68FC08; Mon, 30 Mar 2009 16:03:24 +0000 (UTC) (envelope-from brooks@lor.one-eyed-alien.net) Received: from lor.one-eyed-alien.net (localhost [127.0.0.1]) by lor.one-eyed-alien.net (8.14.3/8.14.3) with ESMTP id n2UFi2Fs095159; Mon, 30 Mar 2009 10:44:02 -0500 (CDT) (envelope-from brooks@lor.one-eyed-alien.net) Received: (from brooks@localhost) by lor.one-eyed-alien.net (8.14.3/8.14.3/Submit) id n2UFi2M5095158; Mon, 30 Mar 2009 10:44:02 -0500 (CDT) (envelope-from brooks) Date: Mon, 30 Mar 2009 10:44:02 -0500 From: Brooks Davis To: user@vk2pj.dyndns.org Message-ID: <20090330154402.GB94338@lor.one-eyed-alien.net> References: <200903280400.n2S40kW1083700@svn.freebsd.org> <20090330101850.GB31695@server.vk2pj.dyndns.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="p4qYPpj5QlsIQJ0K" Content-Disposition: inline In-Reply-To: <20090330101850.GB31695@server.vk2pj.dyndns.org> User-Agent: Mutt/1.5.17 (2007-11-01) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-3.0 (lor.one-eyed-alien.net [127.0.0.1]); Mon, 30 Mar 2009 10:44:02 -0500 (CDT) Cc: svn-src-head@FreeBSD.org, svn-src-all@FreeBSD.org, src-committers@FreeBSD.org, Xin LI Subject: Re: svn commit: r190482 - in head/lib/libc/db: . btree hash mpool X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Mar 2009 16:03:28 -0000 --p4qYPpj5QlsIQJ0K Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Mar 30, 2009 at 09:18:50PM +1100, user@vk2pj.dyndns.org wrote: > Hi Xin, >=20 > On 2009-Mar-28 04:00:46 +0000, Xin LI wrote: > >Log: > > When allocating memory, zero out them if we don't intend to overwrite = them > > all; before freeing memory, zero out them before we release it as free > > heap. This will eliminate some potential information leak issue. >=20 > Given that db runs with the same privileges as the process using it, I > don't see how zeroing memory eliminates any information leak - the > process can directly open and read the underlying db file itself. > Zeroing on allocation may fix any potential issue with uninitialised > structures and prevent the return of garbage in "holes" but that's not > an information leak. Consider /etc/pwd.db. It's world readable, but written by a program that also wrote /etc/spwd.db which definitely is not. -- Brooks --p4qYPpj5QlsIQJ0K Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iD8DBQFJ0OjBXY6L6fI4GtQRAvESAJ99iSa/Int9pUI2qDadRu07tXSsQQCgwR7p ODjNiyr9ZQ1twawRPNNyC+k= =RDbA -----END PGP SIGNATURE----- --p4qYPpj5QlsIQJ0K--