From owner-freebsd-bugs Mon Jan 13 13:49:47 1997
Return-Path:
Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id NAA08283 for bugs-outgoing; Mon, 13 Jan 1997 13:49:47 -0800 (PST)
Received: from frmug.org (frmug-gw.frmug.org [193.56.58.252]) by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id NAA08278 for ; Mon, 13 Jan 1997 13:49:42 -0800 (PST)
Received: (from uucp@localhost) by frmug.org (8.8.2/8.8.2/frmug-1.3) with UUCP id WAA06313; Mon, 13 Jan 1997 22:49:22 +0100 (MET)
Received: from localhost (localhost [127.0.0.1]) by xp11.frmug.org (8.8.4/8.7.3/xp11-uucp-1.1) with ESMTP id MAA07158; Sun, 12 Jan 1997 12:34:35 +0100 (CET)
Message-Id: <199701121134.MAA07158@xp11.frmug.org>
To: davidn@blaze.net.au
cc: freebsd-bugs@freefall.freebsd.org
Subject: Re: bin/2442: setusershell()/endusershell() missing
In-reply-to: Your message of "Thu, 11 Jan 1996 01:40:10 GMT."
Date: Sun, 12 Jan 1997 12:34:35 +0100
From: "Philippe Charnier"
Sender: owner-bugs@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Salut,

David Nugent wrote:
>
>The problem in some places patched is that 'sh' will point to
>memory that has been free()'ed by the call to endusershell(). Not
>all, but some.
>

Most of the cases are safe imho, because 'sh' is tested against NULL after
endusershell() but never dereferenced. We can move enduser... 2 or 3 lines
down to be purist. The problem with my previous patch is that it is simply
incorrect (as you mentioned) in /usr/bin/chpass, when 'sh' is returned (it's
ok when 'name' or NULL is returned) (ok_shell(), util.c).

>Either this should be documented, and strdup() called before
>endusershell() is called and the strdup()ed copy should be
>returned, or /usr/src/lib/libc/gen/getusershell.c should be made
>not to free that memory, but recycle it should setusershell()
>be called again. I think the latter is a better solution, which
>would allow this patch to work as is. However, libc needs to be
>fixed first.
>

I prefer the first (strdup() if I want to keep the result, then
endusershell()) because I don't like waiting for exit() to free my memory.
Please add a line in the man page saying that a return value of getuser...
must not be dereferenced after enduser... is called.

------                                                            ------
Philippe Charnier
charnier@lirmm.fr (smtp)
charnier@xp11.frmug.org (uucp)

``a PC not running FreeBSD is like a venusian with no tentacles''
------------------------------------------------------------------------
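
Added example, not part of the original message and not the chpass or libc source: the lifetime problem discussed above, with the dangling-return shape next to the strdup()-before-endusershell() shape. The function names and the bare-name matching are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE          /* exposes getusershell(3) on glibc/musl */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Unsafe shape under discussion: the returned pointer refers to storage
 * that endusershell() has already released. Shown for contrast only. */
char *lookup_shell_dangling(const char *name)
{
    char *sh;

    setusershell();
    while ((sh = getusershell()) != NULL)
        if (strcmp(sh, name) == 0)
            break;
    endusershell();              /* releases the storage 'sh' points into */
    return sh;                   /* NULL is fine; non-NULL is dangling */
}

/* Safe shape: accept a full path or a bare shell name (assumption), copy
 * the matching entry while the list is still alive, then release the list.
 * Returns a malloc()ed string the caller must free(), or NULL. */
char *lookup_shell_copy(const char *name)
{
    char *sh, *base, *copy = NULL;

    setusershell();
    while ((sh = getusershell()) != NULL) {
        base = strrchr(sh, '/');
        if (strcmp(sh, name) == 0 ||
            (base != NULL && strcmp(base + 1, name) == 0)) {
            copy = strdup(sh);   /* NULL here means out of memory */
            break;
        }
    }
    endusershell();
    return copy;
}

int main(int argc, char **argv)
{
    char *shell = lookup_shell_copy(argc > 1 ? argv[1] : "sh");

    printf("%s\n", shell != NULL ? shell : "(not an allowed shell)");
    free(shell);
    return 0;
}
```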