From owner-cvs-lib  Fri Jun  2 04:23:36 1995
Return-Path: cvs-lib-owner
Received: (from majordom@localhost)
          by freefall.cdrom.com (8.6.10/8.6.6) id EAA22888
          for cvs-lib-outgoing; Fri, 2 Jun 1995 04:23:36 -0700
Received: (from davidg@localhost)
          by freefall.cdrom.com (8.6.10/8.6.6) id EAA22867
          ; Fri, 2 Jun 1995 04:23:26 -0700
Date: Fri, 2 Jun 1995 04:23:26 -0700
From: David Greenman <davidg>
Message-Id: <199506021123.EAA22867@freefall.cdrom.com>
To: CVS-commiters, cvs-lib
Subject: cvs commit: src/lib/libc/gen getpwent.c
Sender: cvs-lib-owner@freebsd.org
Precedence: bulk

davidg      95/06/02 04:23:26

  Modified:    lib/libc/gen  getpwent.c
  Log:
  	The +@netgroup/-@netgroup NIS password overrides can fail in
  	some cases due to a subtle bug. Specifically, if you override
  	an NIS user's shell, /usr/bin/login and /usr/bin/su (and probably
  	other commands) can end up with bogus data for the pw_shell
  	member of the passwd structure *if* the do an endpwent(),
  	thereby preventing logins.
  
  	This happpens because the text fields in the passwd structure
  	(pw_name, pw_passwd, pw_gecos, pw_class, pw_dir and pw_shell)
  	are returned to the calling program as pointers to dycamically
  	allocated buffers, rather than pointers to static buffers as
  	they should be. Once endpwent() is called, the dynamic buffers
  	are free()ed, which invalidates the data returned by the
  	library functions.
  
  Note: Bill promises a more elegant solution in post-2.0.5R. This fix
  	is only a work-around.
  
  Submitted by:	Bill Paul