Gary Winiger wrote:
>> From security-discuss-bounces at opensolaris.org Tue Feb 24 12:46:59 2009
>> * As Gary already said, it's better to use strdup() in get_username()
>> instead of reimplementing it yourself. In fact, you can just return
>> uspw->pw_name (without copying the string) as long as you don't try to
>> keep using the old value after the next time you call get_username().
>
> struct passwd uspw also needs to be global, not an automatic
> in the function.
Actually, it doesn't matter. He'd be returning and using the string
pointer inside the structure, not the passwd struct itself.
>
>> Don't forget to remove the free() at line 231.
>
> And likely other free's -- of course.
I think that's the only one. The others free memory allocated by libsecdb.
Scott
--
Scott Rotondo
Principal Engineer, Solaris Security Technologies
President, Trusted Computing Group
Phone/FAX: +1 408 850 3655 (Internal x68278)
