diff options
| author | Steve Langasek <vorlon@debian.org> | 2000-08-31 17:15:30 +0000 |
|---|---|---|
| committer | Steve Langasek <vorlon@debian.org> | 2000-08-31 17:15:30 +0000 |
| commit | dc35d260aa783ba52ad3d1fce49cabacc39a9a1d (patch) | |
| tree | d05f15f52570b06f8343e09af22ae6d22f9edcbd | |
| parent | b61735f7a7f752b2ae6ea0518d47163f5ec9e1d2 (diff) | |
Relevant BUGIDs: 113238
Purpose of commit: bugfix to pam_unix
Commit summary:
---------------
Fixed case where pam_unix would segfault if the app's conversation function
returned a null pointer as the password. Since a null pointer can never be
a valid password unless the password file also has a null field (which we
already check for), we now check for a valid pointer and return PAM_AUTH_ERR
if we don't have one.
| -rw-r--r-- | modules/pam_unix/support.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c index 610b29a7..256e4999 100644 --- a/modules/pam_unix/support.c +++ b/modules/pam_unix/support.c @@ -525,6 +525,8 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name D(("user has empty password - access denied")); retval = PAM_AUTH_ERR; } + } else if (!p) { + retval = PAM_AUTH_ERR; } else { if (!strncmp(salt, "$1$", 3)) { pp = Goodcrypt_md5(p, salt); |