
Fix use-after-free bugs

Open akalin opened this issue 11 years ago • 2 comments

The pattern:

const char *foo = function_returning_string().c_str();

is dangerous because the pointer lives only as long as the temporary string returned by the function (i.e., the end of the statement), so using 'foo' leads to a use-after-free.

Fixed that by doing:

const string &foo = function_returning_string();
...
function_taking_pointer(foo.c_str());

instead. This is safe because binding a temporary to a const reference makes that temporary live for the whole block.

Also removed some other unnecessary calls to c_str().

akalin, Aug 24 '14 23:08
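The two patterns from the description side by side, as an added example that is not code from the firesheep repository: `function_returning_string` and `function_taking_pointer` are constructed stand-ins for the functions the pull request touched, and the example also covers the case the text leaves implicit, that calling `c_str()` inside the argument list of the consumer is safe because the temporary lives until the whole call completes.

```cpp
#include <cstring>
#include <string>

// Constructed stand-in for the function in the pull request: it returns a
// std::string by value, so every call produces a fresh temporary object.
std::string function_returning_string() {
    return std::string("hello, ") + "world";
}

// Constructed stand-in for the C-style consumer; it only reads the buffer.
std::size_t function_taking_pointer(const char *s) {
    return std::strlen(s);
}

// The dangerous pattern. The temporary std::string is destroyed at the end
// of the first statement, so `foo` already dangles when it is used on the
// next line. This is undefined behaviour and is kept only to show the bug;
// nothing calls it. Building with -fsanitize=address may report the read
// as a use-after-free (short strings kept inline by SSO can escape it).
std::size_t dangerous_pattern() {
    const char *foo = function_returning_string().c_str();  // dangling
    return function_taking_pointer(foo);                     // use-after-free
}

// The fix from the pull request: binding the temporary to a const reference
// extends its lifetime to the end of the enclosing scope, so c_str() stays
// valid for as long as `foo` is in scope.
std::size_t safe_pattern() {
    const std::string &foo = function_returning_string();
    return function_taking_pointer(foo.c_str());  // temporary still alive
}

// Equivalent and often clearer: hold the result by value (it is moved in).
std::size_t safe_pattern_by_value() {
    std::string foo = function_returning_string();
    return function_taking_pointer(foo.c_str());
}

// Also fine: a temporary lives until the full-expression that created it
// finishes, so c_str() used directly as a call argument does not dangle.
std::size_t safe_pattern_inline() {
    return function_taking_pointer(function_returning_string().c_str());
}
```

The unsafe variant is the one to grep for in review: a `const char *` initialised from `.c_str()` on a call expression, with the pointer used in a later statement.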

Ugh, this fix is buggy. Stay tuned...

akalin, Aug 24 '14 23:08

Okay, this version should work. That's what I get for not testing before pushing...

akalin, Aug 25 '14 00:08