I'm working on Linux and FreeBSD. When I use getpwnam() or getpwuid(), I get a pointer to a passwd struct. What's the safe way to use the char* members of that passwd struct?
The man page says this struct is a static object but will be overwritten by subsequent calls, so I guess the safe way is to use strdup() to get a copy of the char* members and then no longer uses the passwd struct.
Is my understanding correct?
The safest way is not to use them at all, but instead use
getpwnam_randgetpwuid_r, which store the results in a caller-provided buffer. This not only avoids the issue you're asking about, but also makes your code safe for use in a multi-threaded process.