- (djm) [auth.c] Fix NULL pointer dereference in fakepw(). Crash would

occur if the server did not have the privsep user and an invalid user tried to login and both privsep and krb5 auth are disabled.
author: Damien Miller <djm@mindrot.org> 2006-12-05 09:08:54 +1100
committer: Damien Miller <djm@mindrot.org> 2006-12-05 09:08:54 +1100
commit: 143c2ef1ce072966d27d269d9acfed08796c390c (patch)
tree: 22dc2642d155e05bac3bdd60cc2f2ffdebe0cc79 /auth.c
parent: b0781f79db208900b2d0fd4a1ee69e121bf37792 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/auth.c b/auth.c
index 5d23343b..505102f8 100644
--- a/auth.c
+++ b/auth.c
@@ -569,8 +569,8 @@ fakepw(void)
 	fake.pw_passwd =
 	    "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK";
 	fake.pw_gecos = "NOUSER";
-	fake.pw_uid = privsep_pw->pw_uid;
-	fake.pw_gid = privsep_pw->pw_gid;
+	fake.pw_uid = privsep_pw == NULL ? (uid_t)-1 : privsep_pw->pw_uid;
+	fake.pw_gid = privsep_pw == NULL ? (gid_t)-1 : privsep_pw->pw_gid;
 #ifdef HAVE_PW_CLASS_IN_PASSWD
 	fake.pw_class = "";
 #endif
author	Damien Miller <djm@mindrot.org>	2006-12-05 09:08:54 +1100
committer	Damien Miller <djm@mindrot.org>	2006-12-05 09:08:54 +1100
commit	143c2ef1ce072966d27d269d9acfed08796c390c (patch)
tree	22dc2642d155e05bac3bdd60cc2f2ffdebe0cc79 /auth.c
parent	b0781f79db208900b2d0fd4a1ee69e121bf37792 (diff)