man execve says:
execve() does not return on success, and the text, data,
bss, and stack of the calling process are overwritten by
that of the program loaded.
I'm a little out of my depth here, but I believe this means that the
only safe thing to do is malloc(), and that's what checkpassword does.
However, what happens to the malloc()'d memory? Does it get freed after
the exec'd process ends, or would that be a memory leak?
I'll investigate.
----- Forwarded message from Ken Jones <[EMAIL PROTECTED]> -----
Date: Thu, 02 Nov 2000 18:25:16 -0600
From: Ken Jones <[EMAIL PROTECTED]>
X-Mailer: Mozilla 4.72 [en] (X11; U; Linux 2.2.12-20 i586)
To: Rick Morris <[EMAIL PROTECTED]>
CC: [EMAIL PROTECTED]
Subject: Re: Bug in vchkpw
I wonder if the memory needs to be malloc'd or if the stack variables
in main() are okay.
Ken Jones
Rick Morris wrote:
>
> Hello all.
>
> I've found a bug in vchkpw. It tries to add 3 new environment
> variables, but uses the same buf for each one, which overwrites the
> previous values.
>
----- End forwarded message -----
--
Rick Morris
VP Network Administration
Wamco Technologies Group
Phone: (250) 386-5535
Fax: (250) 386-5520
