Previous Next Contents

3.1 Care about standard library calls

In general, writers of authorization-granting applications should assume that each module is likely to call any or all `libc' functions. For `libc' functions that return pointers to static/dynamically allocated structures (ie. the library allocates the memory and the user is not expected to `free()' it) any module call to this function is likely to corrupt a pointer previously obtained by the application. The application programmer should either re-call such a `libc' function after a call to the Linux-PAM library, or copy the structure contents to some safe area of memory before passing control to the Linux-PAM library.


Previous Next Contents