> On 13 Jun 2025, at 18:41, Taras Kloba <sql.ua.tech@gmail.com> wrote:
>
> Hi hackers,
>
> I discovered a minor security issue in the OAuth authentication code where
> sensitive bearer tokens are not completely cleared from memory.
>
> ## The Issue
>
> In src/backend/libpq/auth-oauth.c, the oauth_exchange() function attempts to
> clear the bearer token from memory using explicit_bzero(), but it only clears
> inputlen bytes. Since the buffer is allocated with pstrdup(), which allocates
> strlen(input) + 1 bytes, the null terminator byte remains uncleared.
Maybe I'm lacking imagination, but I fail to see how it's a security issue to
not set a byte to \0 when it is known to be \0?
--
Daniel Gustafsson
