- (djm) [auth-passwd.c] Handle crypt() returning NULL; from Paul Wouters

via Niels
author: Damien Miller <djm@mindrot.org> 2012-04-26 09:51:26 +1000
committer: Damien Miller <djm@mindrot.org> 2012-04-26 09:51:26 +1000
commit: 7584cb1ac4daafbfb3dec592dd7ef48b81d20eea (patch)
tree: b758ad859d530f5b4e22d3c7dce55465d8c6b090
parent: ba77e1f67311fc76fe7ce460f7f03b6528383cbc (diff)
2 files changed, 6 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index dedf2f33..908dcd49 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+20120426
+ - (djm) [auth-passwd.c] Handle crypt() returning NULL; from Paul Wouters
+   via Niels
+
 20120423
  - OpenBSD CVS Sync
    - djm@cvs.openbsd.org 2012/04/23 08:18:17
diff --git a/auth-passwd.c b/auth-passwd.c
index b1c6ce09..68bbd18d 100644
--- a/auth-passwd.c
+++ b/auth-passwd.c
@@ -209,6 +209,7 @@ sys_auth_passwd(Authctxt *authctxt, const char *password)
 	 * Authentication is accepted if the encrypted passwords
 	 * are identical.
 	 */
-	return (strcmp(encrypted_password, pw_password) == 0);
+	return encrypted_password != NULL &&
+	    strcmp(encrypted_password, pw_password) == 0;
 }
 #endif
author	Damien Miller <djm@mindrot.org>	2012-04-26 09:51:26 +1000
committer	Damien Miller <djm@mindrot.org>	2012-04-26 09:51:26 +1000
commit	7584cb1ac4daafbfb3dec592dd7ef48b81d20eea (patch)
tree	b758ad859d530f5b4e22d3c7dce55465d8c6b090
parent	ba77e1f67311fc76fe7ce460f7f03b6528383cbc (diff)