From b7cc1954e6611c9558f4ce63bb5ee91b41de2272 Mon Sep 17 00:00:00 2001
From: Dave West
Date: Tue, 3 Nov 2009 12:34:30 +0000
Subject: [PATCH] Add some comments to rename_user indicating why the code is bad. It traverses an unlocked context list and it leaves a big hole for the actual operation to do something unexpected.
---
 citadel/user_ops.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/citadel/user_ops.c b/citadel/user_ops.c
index 7c9ed32b3..6cbef4ff0 100644
--- a/citadel/user_ops.c
+++ b/citadel/user_ops.c
@@ -209,6 +209,7 @@ int rename_user(char *oldname, char *newname) {
 * We check that the user is not already logged in because we can't rename them
 * if they are logged in.
 * BUT THEN WE LEAVE A HUGE WINDOW FOR THEM TO LOG IN BEFORE WE LOCK TO RENAME THEM!!!!!
+ * We are also traversing an un-locked context list which is a very bad thing to do.
 */
 for (cptr = ContextList; cptr != NULL; cptr = cptr->next) {
 if (!strcasecmp(cptr->user.fullname, oldname)) {
-- 
2.39.2
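Review bot: The added comment line in rename_user names the unlocked walk of `ContextList` but, like the capitalised line above it, does not say what a fix has to guarantee, so it reads as a complaint rather than a work item. Together the two lines describe a check-then-act race: the logged-in check can be stale by the time the rename runs, and the list can change while the loop follows `cptr->next`. I would replace both with an actionable marker such as `* FIXME: ContextList is walked here without its lock, and the logged-in check is not atomic with the rename;` followed by `* both must run inside one critical section, or a session for oldname can appear between check and rename.` Which lock guards the list is not visible in this hunk, and the function body continues outside it, so the comment should name that lock once confirmed.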