Re: Possible memory leak on getspnam / getspnam_r

["Jean D'Elboux" <j () bsd com br>]

Thanks for your email Travis.


> Alternatively, a new function cleanup_and_zeroize_caches() could added. A
> user
> could call this after fork().

Yes, I've suggested something similar as an alternative (please check NB at
the end of my email).


> Of course, introducing a new function complicates the APIs and requires
> developers to add them. Also, to support multiple versions of libraries,
> developers would need to protect the call with an '#ifdef
> SUPPORTS_NEW_FUNCTION'.

In order to avoid more complexity to the API, instead of creating a new
function, endspent() could be bzero() internal buffer, since the user is
expressing he/she is done processing when calling it.