From charnier@xp11.frmug.org  Fri Jan 10 18:05:37 1997
Received: from frmug.org (frmug-gw.frmug.org [193.56.58.252])
          by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id SAA18609
          for <FreeBSD-gnats-submit@freebsd.org>; Fri, 10 Jan 1997 18:05:34 -0800 (PST)
Received: (from uucp@localhost) by frmug.org (8.8.2/8.8.2/frmug-1.3) with UUCP id DAA13006 for FreeBSD-gnats-submit@freebsd.org; Sat, 11 Jan 1997 03:05:31 +0100 (MET)
Received: (from charnier@localhost) by xp11.frmug.org (8.8.4/8.7.3/xp11-uucp-1.1) id CAA28437; Sat, 11 Jan 1997 02:34:58 +0100 (CET)
Message-Id: <199701110134.CAA28437@xp11.frmug.org>
Date: Sat, 11 Jan 1997 02:34:58 +0100 (CET)
From: Philippe Charnier <charnier@xp11.frmug.org>
Reply-To: charnier@xp11.frmug.org
To: FreeBSD-gnats-submit@freebsd.org
Subject: setusershell()/endusershell() missing
X-Send-Pr-Version: 3.2

>Number:         2442
>Category:       bin
>Synopsis:       setusershell()/endusershell() missing
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    charnier
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jan 10 18:10:01 PST 1997
>Closed-Date:    Sat May 15 12:48:07 PDT 2004
>Last-Modified:  Sat May 15 12:48:07 PDT 2004
>Originator:     Philippe Charnier
>Release:        FreeBSD 3.0-CURRENT i386
>Organization:
>Environment:

	

>Description:

	The right way (TM) should be:
		setusershell()
		some getusershell()
		endusershell()

>How-To-Repeat:

	

>Fix:

Index: ftpd.c
===================================================================
RCS file: /home2h/FreeBSD.cvsroot/src/libexec/ftpd/ftpd.c,v
retrieving revision 1.27
diff -u -r1.27 ftpd.c
--- ftpd.c	1996/11/30 12:00:25	1.27
+++ ftpd.c	1997/01/11 01:14:39
@@ -617,6 +617,7 @@
 	if ((pw = sgetpwnam(name))) {
 		if ((shell = pw->pw_shell) == NULL || *shell == 0)
 			shell = _PATH_BSHELL;
+		setusershell();
 		while ((cp = getusershell()) != NULL)
 			if (strcmp(cp, shell) == 0)
 				break;

Index: user.c
===================================================================
RCS file: /home2h/FreeBSD.cvsroot/src/release/sysinstall/user.c,v
retrieving revision 1.7
diff -u -r1.7 user.c
--- user.c	1997/01/03 06:41:41	1.7
+++ user.c	1997/01/11 01:15:29
@@ -423,6 +423,7 @@
 	}
     }
     if (strlen(shell) > 0) {
+	setusershell();
 	while((cp = getusershell()) != NULL)
 	    if (strcmp(cp, shell) == 0)
 		break;

Index: util.c
===================================================================
RCS file: /home2h/FreeBSD.cvsroot/src/usr.bin/chpass/util.c,v
retrieving revision 1.5
diff -u -r1.5 util.c
--- util.c	1996/08/12 14:45:26	1.5
+++ util.c	1997/01/11 01:16:20
@@ -137,10 +137,11 @@
 	setusershell();
 	while (sh = getusershell()) {
 		if (!strcmp(name, sh))
-			return (name);
+			{ endusershell(); return (name); }
 		/* allow just shell name, but use "real" path */
 		if ((p = strrchr(sh, '/')) && strcmp(name, p + 1) == 0)
-			return (sh);
+			{ endusershell(); return (sh); }
 	}
+	endusershell();
 	return (NULL);
 }


Index: su.c
===================================================================
RCS file: /home2h/FreeBSD.cvsroot/src/usr.bin/su/su.c,v
retrieving revision 1.14
diff -u -r1.14 su.c
--- su.c	1996/10/07 10:00:58	1.14
+++ su.c	1997/01/11 01:18:41
@@ -330,9 +330,14 @@
 {
 	char *cp;
 
+	setusershell();
 	while ((cp = getusershell()) != NULL)
-		if (strcmp(cp, sh) == 0)
+		if (strcmp(cp, sh) == 0) {
+			endusershell();
 			return (1);
+		}
+
+	endusershell();
 	return (0);
 }

 
Index: pw_scan.c
===================================================================
RCS file: /home2h/FreeBSD.cvsroot/src/usr.sbin/pwd_mkdb/pw_scan.c,v
retrieving revision 1.5
diff -u -r1.5 pw_scan.c
--- pw_scan.c	1996/06/20 19:19:29	1.5
+++ pw_scan.c	1997/01/11 01:20:00
@@ -123,7 +123,8 @@
 
 	p = pw->pw_shell;
 	if (root && *p)					/* empty == /bin/sh */
-		for (setusershell();;) {
+		setusershell();
+		for (;;) {
 			if (!(sh = getusershell())) {
 				warnx("warning, unknown root shell");
 				break;
@@ -131,6 +132,7 @@
 			if (!strcmp(p, sh))
 				break;
 		}
+		endusershell();
 	if(p[0]) pw->pw_fields |= _PWF_SHELL;
 
 	if (p = strsep(&bp, ":")) {			/* too many */


>Release-Note:
>Audit-Trail:

From: David Nugent <davidn@unique.usn.blaze.net.au>
To: Philippe Charnier <charnier@xp11.frmug.org>
Cc: FreeBSD-gnats-submit@freebsd.org,
        GNATS Management <gnats@freefall.freebsd.org>,
        freebsd-bugs@freefall.freebsd.org
Subject: Re: bin/2442: setusershell()/endusershell() missing
Date: Thu, 11 Jan 1996 01:40:10 +0000 ()

 On Sat, 11 Jan 1997, Philippe Charnier wrote:
 
 >	The right way (TM) should be:
 >		setusershell()
 >		some getusershell()
 >		endusershell()
 
 In theory at least. :-)
 
 
 > 	setusershell();
 > 	while (sh = getusershell()) {
 > 		if (!strcmp(name, sh))
 >-			return (name);
 >+			{ endusershell(); return (name); }
 > 		/* allow just shell name, but use "real" path */
 > 		if ((p = strrchr(sh, '/')) && strcmp(name, p + 1) == 0)
 >-			return (sh);
 >+			{ endusershell(); return (sh); }
 
 The problem in some places patched is that 'sh' will point to
 memory that has been free()'ed by the call to endusershell(). Not
 all, but some.
 
 Either this should be documented, and strdup() called prior
 endusershell() is called and the strdup()ed copy should be
 returned, or /usr/src/lib/libc/gen/getusershell.c should be made
 to not to free that memory, but recycle it should setusershell()
 be called again. I think the latter is a better solution, which
 would allow this patch to work as is. However, libc needs to be
 fixed first.
 
 Regards,
 
 David Nugent - Unique Computing Pty Ltd - Melbourne, Australia
 Voice +61-3-9791-9547  Data/BBS +61-3-9792-3507  3:632/348@fidonet
 davidn@freebsd.org davidn@blaze.net.au http://www.blaze.net.au/~davidn/
 
Responsible-Changed-From-To: freebsd-bugs->davidn 
Responsible-Changed-By: davidn 
Responsible-Changed-When: Sun Jan 12 15:23:18 EST 1997 
Responsible-Changed-Why:  
Seems to be in my area. 

From: Joseph Holland King <gte743n@cad.gatech.edu>
To: FreeBSD-gnats-submit@freebsd.org
Cc:  
Subject: Re: bin/2442: setusershell()/endusershell() missing
Date: Tue, 19 Nov 2002 01:51:06 -0500

 this has been opened since 1997, is it still valid or can it be closed?
 
 -- 
 Holland King        
 gte743n@cad.gatech.edu

From: "First Electronics Service" <firsttv@1sttv.omhcoxmail.com>
To: <freebsd-gnats-submit@FreeBSD.org>, <charnier@xp11.frmug.org>
Cc:  
Subject: Re: bin/2442: setusershell()/endusershell() missing
Date: Sat, 21 Dec 2002 12:01:12 -0600

 How about passing sh to realloc()?  That would squash that gnat.
 
 HTH,
 Lucas
 
Responsible-Changed-From-To: davidn->freebsd-bugs 
Responsible-Changed-By: dougb 
Responsible-Changed-When: Fri Mar 14 21:42:46 PST 2003 
Responsible-Changed-Why:  

davidn is no longer with us 

http://www.freebsd.org/cgi/query-pr.cgi?pr=2442 

From: Friedemann Becker <zxmxy33@mail.uni-tuebingen.de>
To: freebsd-gnats-submit@FreeBSD.org, charnier@xp11.frmug.org
Cc:  
Subject: Re: bin/2442: setusershell()/endusershell() missing
Date: Thu, 25 Dec 2003 19:15:24 +0100

 This is was i found about the xxxusershell issue:
 
 in src/lib/libc/gen/getusershell.c a stringlist is used to store the 
 /etc/shells entries.
 in setusershell(), or getusershell() when called for the first time, the 
 memory for the string list is allocated (see stringlist.c).
 subsequent calls to getusershell() just return the next entry in the 
 list, one after one.
 endusershell() deallocates the memory.
 
 now, in the patches, XXXusershell() is only used once in each case, so 
 it doesn't matter, if setusershell() is called or not. this only becomes 
 a problem, if eventually someone decides to use these functions more 
 than once per process.
 
 a missing call to endusershell() is not a problem, the memory is free'd 
 at the next call to setusershell() or process termination.
 
 
 
 someone should decide, what to do here. i have reviewed each of the 
 patches, in case someone wants to apply them.
 
 
 
 ftpd.c:
 the patch for ftpd still applies and is correct
 
 --- /usr/src/libexec/ftpd/ftpd.c    Thu Dec 11 19:07:26 2003
 +++ /home/lucius/usr.src/libexec/ftpd/ftpd.c    Thu Dec 25 18:02:57 2003
 @@ -1015,6 +1015,7 @@
      if ((pw = sgetpwnam(name))) {
          if ((shell = pw->pw_shell) == NULL || *shell == 0)
              shell = _PATH_BSHELL;
 +        setusershell();
          while ((cp = getusershell()) != NULL)
              if (strcmp(cp, shell) == 0)
                  break;
 
 
 
 user.c:
 this one still applies, is correct, but different path
 
 note: the result has not to be strdup'ed, only the pointer is tested ==NULL,
 the pointer-address isn't affected by free (called in endusershell()).
 
 
 --- /usr/src/usr.sbin/sysinstall/user.c    Thu Jul  5 11:51:09 2001
 +++ /home/lucius/usr.src/usr.sbin/sysinstall/user.c    Thu Dec 25 
 18:44:36 2003
 @@ -426,6 +426,7 @@
      return 0;
      }
      if (strlen(shell) > 0) {
 +    setusershell();
      while((cp = getusershell()) != NULL)
          if (strcmp(cp, shell) == 0)
          break;
 
 
 util.c:
 this patch had to be corrected as described in the audit-trail. now working
 
 --- /usr/src/usr.bin/chpass/util.c    Sun Jun 30 07:21:15 2002
 +++ /home/lucius/usr.src/usr.bin/chpass/util.c    Thu Dec 25 18:14:19 2003
 @@ -142,15 +142,21 @@
  char *
  ok_shell(char *name)
  {
 -    char *p, *sh;
 +    char *p, *sh, *ret;
  
      setusershell();
      while ((sh = getusershell())) {
 -        if (!strcmp(name, sh))
 +        if (!strcmp(name, sh)) {
 +            endusershell();
              return (name);
 +        }
          /* allow just shell name, but use "real" path */
 -        if ((p = strrchr(sh, '/')) && strcmp(name, p + 1) == 0)
 -            return (sh);
 +        if ((p = strrchr(sh, '/')) && strcmp(name, p + 1) == 0)    {
 +            ret = strdup(sh);
 +            endusershell();
 +            return (ret);
 +        }
      }
 +    endusershell();
      return (NULL);
  }
 
 
 
 
 su.c: this patch is obsolete - {set,get,end}usershell is called 
 correctly (at least in -current)
 
 
 pw_scan:
 here the curly braces were patched away (the 'for' line),
 this was corrected below
 
 --- /usr/src/lib/libc/gen/pw_scan.c    Fri Oct 11 13:35:30 2002
 +++ /home/lucius/usr.src/lib/libc/gen/pw_scan.c    Thu Dec 25 18:29:28 2003
 @@ -180,7 +180,7 @@
          goto fmt;
  
      p = pw->pw_shell;
 -    if (root && *p)                    /* empty == /bin/sh */
 +    if (root && *p)    {                /* empty == /bin/sh */
          for (setusershell();;) {
              if (!(sh = getusershell())) {
                  if (flags & _PWSCAN_WARN)
 @@ -190,6 +190,8 @@
              if (!strcmp(p, sh))
                  break;
          }
 +        endusershell();
 +    }
      if (p[0])
          pw->pw_fields |= _PWF_SHELL;
 
State-Changed-From-To: open->closed 
State-Changed-By: ceri 
State-Changed-When: Mon Feb 16 03:18:54 PST 2004 
State-Changed-Why:  
charnier committed the necessary fixes himself. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=2442 

From: Yar Tikhiy <yar@FreeBSD.org>
To: freebsd-gnats-submit@FreeBSD.org, charnier@xp11.frmug.org,
	ceri@FreeBSD.org
Cc:  
Subject: Re: bin/2442: setusershell()/endusershell() missing
Date: Mon, 16 Feb 2004 18:42:01 +0300

 Gentlemen,
 
 Are you sure this PR can be closed?  As I see, at least
 the fix to ftpd hasn't been MFC'ed yet.  I believe that
 this PR should stay in the "patched" state until MFC of
 all the fixes that apply to STABLE.
 
 -- 
 Yar
State-Changed-From-To: closed->patched 
State-Changed-By: ceri 
State-Changed-When: Mon Feb 16 08:34:40 PST 2004 
State-Changed-Why:  
charnier's MFC reminder. 


Responsible-Changed-From-To: freebsd-bugs->charnier 
Responsible-Changed-By: ceri 
Responsible-Changed-When: Mon Feb 16 08:34:40 PST 2004 
Responsible-Changed-Why:  
charnier's MFC reminder. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=2442 

From: Ceri Davies <ceri@FreeBSD.org>
To: Yar Tikhiy <yar@FreeBSD.org>
Cc: freebsd-gnats-submit@FreeBSD.org, charnier@xp11.frmug.org
Subject: Re: bin/2442: setusershell()/endusershell() missing
Date: Mon, 16 Feb 2004 16:34:33 +0000

 On Mon, Feb 16, 2004 at 06:42:01PM +0300, Yar Tikhiy wrote:
 > Gentlemen,
 > 
 > Are you sure this PR can be closed?  As I see, at least
 > the fix to ftpd hasn't been MFC'ed yet.  I believe that
 > this PR should stay in the "patched" state until MFC of
 > all the fixes that apply to STABLE.
 
 You're probably right.  I'll pick it out and assign it to charnier.
 
 Ceri
 -- 
State-Changed-From-To: patched->closed 
State-Changed-By: charnier 
State-Changed-When: Sat May 15 12:45:10 PDT 2004 
State-Changed-Why:  
Fixes where MFCed to stable some months ago. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=2442 
>Unformatted:
