source/client/client.c : redundant calls to getenv()

Pascal A. Dupuis dupuis at
Tue Nov 24 10:55:12 GMT 1998

Another small problem in 2.0.0beta2: around line 1968, getenv() is called
three times, with the same argument. The glibc manual says the memory zone
returned by getenv() may be clobbered on non-glibc systems by other calls
to getenv(), but there are no such calls in-between. I suggest to modify
this code as : 

line 1924 : char *p, *user; 

line 1968 :
if ((user=getenv("USER")) {
	pstrcpy(username, user);

        /* modification to support userid%passwd syntax in the USER var
                   25.Aug.97, jdblair at */
	if ((p=strchr(username,'%'))) {
                        *p = 0;
                        got_pass = True;
/* modification to support PASSWD environmental var
           25.Aug.97, jdblair at */
if ((user=getenv("PASSWD"))) {
                got_pass = True;
if ((user=getenv("PASSWD_FD")) {
        got_pass = True;
} else if ((user=getenv("PASSWD_FILE")) {
	got_pass = True;
if (*username == 0 && (user=getenv("LOGNAME"))) {

Also, I don't understand at all the goal of the memset. In the original
version, it was :
thus :
  -get a fresh copy of the environment string "USER" (they are still two
       lying around)
  -search for the % delimiter
  -replace the password part by XXX	
You thus hide one copy in memory, what about the two others ?


Pascal A. Dupuis

feature, n: A surprising property of a program.  Occasionaly documented.
To call a property a feature sometimes means the author did not consider
that case, and the program makes an unexpected, though not necessarily
wrong response.  See BUG.  "That's not a bug, it's a feature!"  A bug can
be changed to a feature by documenting it.

More information about the samba mailing list