Dead code

[alejandro-colomar]

shadow/lib/valid.c

Lines 41 to 57 in 53ea42e

	if ((NULL != ent->pw_name) && ('\0' == ent->pw_passwd[0])) {
	if ('\0' == password[0]) {
	return true; /* user entered nothing */
	} else {
	return false; /* user entered something! */
	}
	}
	/*
	* If there is no entry then we need a salt to use.
	*/
	if ((NULL == ent->pw_name) || ('\0' == ent->pw_passwd[0])) {
	salt = "xx";
	} else {
	salt = ent->pw_passwd;
	}

The only way to arrive at line 48 with

('\0' == ent->pw_passwd[0])

is that

(NULL == ent->pw_name)

But then, it means that the second part of the condition in line 53 is redundant, and can be removed.

[hallyn]

Hm, note it's (now, at least) only used in sulogin (single user login).

I think the second part of

if ((NULL == ent->pw_name) || ('\0' == ent->pw_passwd[0])) {

is actually the important part. The first part is there to
guard the second check: If there was no entry, then
ent->pw_passwd is NULL, so we can't check ent->pw_passwd[0].

It might be more intuitive if it was

if ((NULL == ent->pw_passwd) || ('\0' == ent->pw_passwd[0])) {

But I'm not sure if there is some corner case that would fail -
perhaps pw_passwd would end up pointing at garbage from a previous
call, while pw->pw_name is reliably NULLed.

[alejandro-colomar]

Yeah, I think something is obscure there, and I prefer to not touch it. I fear that we'll break it if we touch it. I think let's keep this issue open, and forget about it, until someone has a deep look at the logic of that program.