[comp.bugs.4bsd] Problems with {get,set,end}usershell

mark@sickkids.UUCP (Mark Bartelt) (12/10/88)

It's never too difficult to find some really atrocious code while
poking around in the 4bsd sources, but I've just encountered what
may be a strong contender should anyone choose to hold a contest
for the highest sleaze-to-lines_of_code ratio:  getusershell.c

This tiny (barely 100 lines of code, including the copyright notice)
collection of functions has several outright bugs, and a number of
shoddy coding practices as well.  I find it difficult to believe that
nobody has come across these before, but I don't recall having seen
anything posted, so here goes ...

(1)  The initshells() function doesn't deal with comments properly.
Presumably, '#' is meant to begin a comment (though this doesn't
seem to be documented anywhere; one can nonetheless infer it from
the distributed 4.3bsd /etc/shells).  However, a '#' is recognized
*only* if it appears on a line *after* a '/' character.  Hence the
4.3 /etc/shells, which looks like ...
    
   # List of acceptable shells for chsh/passwd -s
   #  [ other comments ]
   /bin/sh
   /bin/csh

... causes getusershell() to return the following:

   /passwd
   /bin/sh
   /bin/csh

(2)  The setusershell() function simply doesn't work at all.  The
reason for this is that setusershell() does ...

	shells = initshells();

... where the "shells" it's referring to is a static global defined
near the beginning of the file.  However, getusershell() has its own
definition of "shells", local in scope.  Sigh.

(3)  There's all sorts of other sleazy coding scattered about.  For
example, endusershell() does the following ...

	if (shells != NULL)
		free((char *)shells);

... without regard to whether it's really freeing something that
was allocated by malloc() or calloc(); and, of course, it might
not have been, e.g. in the case where /etc/shells doesn't exist.

The fixes for all these things are obvious, and there's even more
that could stand to be cleaned up.  Just start reading the source
code, and follow your nose.

Mark Bartelt                          UUCP: {utzoo,decvax}!sickkids!mark
Hospital for Sick Children, Toronto   BITNET: mark@sickkids.utoronto
416/598-6442                          INTERNET: mark@sickkids.toronto.edu