On Tue, Oct 30, 2018 at 02:24:46PM -0600, Todd C. Miller wrote:
> I really dislike the side-effect in filteruser(), see below.
> > +static int
> > +filteruser(char buf[])
> > +{
> > + char *bufp = buf;
> > + uid_t *uidp;
> > +
> > + if (bufp[0] == '-') {
> > + bufp++[0] = ' ';
>
> Why is this needed, can't you just do "bufp++"?
Because we cannot increment the function argument directly:
int
rundisplay(void)
{
static char tempbuf[TEMPBUFSIZE];
...
case CMD_user:
...
} else if (filteruser(tempbuf) == -1) {
Hence filteruser() uses a pointer to it. Replacing the prefixed dash
with a space it not neccessary for parsing, it merely keeps error
messages intact.
With just `bufp++' the command "u-kn" would print " -foo: unknown user".
