[PATCH] memset_s() and talloc_set_secure()

Andreas Schneider asn at samba.org
Wed Mar 27 10:51:59 UTC 2019

On Wednesday, March 27, 2019 3:42:58 AM CET Jeremy Allison wrote:
> On Wed, Mar 27, 2019 at 02:13:17PM +1300, Andrew Bartlett via samba-
technical wrote:
> > All I can say is we had an agreed approach, and we have reviewed
> > patches but now we are back in the weeds.
> Well let's get more data first on the costs of the flag
> approach. If it's costly, then refusing it is clear.
> If it's cheap, then we should look more carefully
> at the flag approach because Simo's security arguments
> are valid (IMHO).
> Don't want extra complexity we have to pay for if
> it's not going to be used, but marking memory as
> 'sensitive' does seem to be a feature that will get
> used (as we handle security-sensitive data inside
> Samba quite a bit).

Just to be clear and to avoid double work, you will work on the performance 

I've extended the talloc_realloc() tests in my branch to prove that increasing 
and decreasing the memory correctly call memset_s() and also that 
talloc_realloc(0) frees the memory and zeros it.

Andreas Schneider                      asn at samba.org
Samba Team                             www.samba.org
GPG-ID:     8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D

More information about the samba-technical mailing list