From sjg@juniper.net  Mon Apr  1 11:14:51 2002
Return-Path: <sjg@juniper.net>
Received: from merlot.juniper.net (natint.juniper.net [207.17.136.129])
	by hub.freebsd.org (Postfix) with ESMTP id 09D6B37B400
	for <FreeBSD-gnats-submit@freebsd.org>; Mon,  1 Apr 2002 11:14:51 -0800 (PST)
Received: from ran.juniper.net (ran.juniper.net [172.17.12.216])
	by merlot.juniper.net (8.11.3/8.11.3) with ESMTP id g31JEjT54411
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 1 Apr 2002 11:14:45 -0800 (PST)
	(envelope-from sjg@juniper.net)
Received: (from sjg@localhost)
	by ran.juniper.net (8.11.1/8.9.3) id g31JEje89443;
	Mon, 1 Apr 2002 11:14:45 -0800 (PST)
	(envelope-from sjg)
Message-Id: <200204011914.g31JEje89443@ran.juniper.net>
Date: Mon, 1 Apr 2002 11:14:45 -0800 (PST)
From: sjg@juniper.net
Reply-To: sjg@juniper.net
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: login_cap(3) incorrectly claims that all resources freed.
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         36626
>Category:       kern
>Synopsis:       login_cap(3) incorrectly claims that all resources freed.
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Apr 01 11:20:01 PST 2002
>Closed-Date:    
>Last-Modified:  Tue Apr 21 00:07:02 UTC 2009
>Originator:     
>Release:        FreeBSD 5.0-CURRENT i386
>Organization:
Juniper Networks
>Environment:
System: FreeBSD ran.juniper.net 5.0-CURRENT FreeBSD 5.0-CURRENT #5: Thu Nov 16 10:40:43 PST 2000 root@cacophony2.juniper.net:/usr/src/sys/compile/Juniper i386


	
>Description:
	
login_cap(3) states:

     Note that with all functions in this group, you should not call free(3)
     on any pointers returned.  Memory allocated during retrieval or process-
     ing of capability tags is automatically reused by subsequent calls to
     functions in this group, or deallocated on calling login_close().

this is incorrect.  Functions like login_getcapstr() simply return
either the default passed to them or the string malloc'd by cgetstr().
No book keeping is done to ensure that that string is free()'d when needed.

Actually implementing the above promise is probably a tall order.
It might be better to document which functions do indeed need free() called 
and with the warning that one should use variables for default values
so that one can later tell if free is needed or not.

Alternatively login_getcapstr() could strdup(def), so that free() is always 
needed.

>How-To-Repeat:
	
>Fix:

	
>Release-Note:
>Audit-Trail:
>Unformatted:
