pam_exec: fix a potential null pointer dereference

Fix a null pointer dereference when pam_prompt returns PAM_SUCCESS but the response is set to NULL. * modules/pam_exec/pam_exec.c (call_exec): Do not invoke strndupa with a null pointer. Closes: https://github.com/linux-pam/linux-pam/pull/2
author: Daniel Abrecht <daniel.abrecht@hotmail.com> 2017-01-19 11:35:04 +0100
committer: Dmitry V. Levin <ldv@altlinux.org> 2017-01-19 10:35:04 +0000
commit: c8dc2b4c2045bb44a038356751e0f0428afe1171 (patch)
tree: 1952cb3947dc9428c84c68111dc2b033d2143dfa /modules/pam_exec/pam_exec.c
parent: dbd1ae9516e2ff9793cf8957111d526a90716862 (diff)
1 files changed, 6 insertions, 3 deletions
diff --git a/modules/pam_exec/pam_exec.c b/modules/pam_exec/pam_exec.c
index f7de1aa5..52dc6818 100644
--- a/modules/pam_exec/pam_exec.c
+++ b/modules/pam_exec/pam_exec.c
@@ -177,9 +177,12 @@ call_exec (const char *pam_type, pam_handle_t *pamh,
 		  return retval;
 		}
 
-	      pam_set_item (pamh, PAM_AUTHTOK, resp);
-	      authtok = strndupa (resp, PAM_MAX_RESP_SIZE);
-	      _pam_drop (resp);
+	      if (resp)
+		{
+		  pam_set_item (pamh, PAM_AUTHTOK, resp);
+		  authtok = strndupa (resp, PAM_MAX_RESP_SIZE);
+		  _pam_drop (resp);
+		}
 	    }
 	  else
 	    authtok = strndupa (void_pass, PAM_MAX_RESP_SIZE);
author	Daniel Abrecht <daniel.abrecht@hotmail.com>	2017-01-19 11:35:04 +0100
committer	Dmitry V. Levin <ldv@altlinux.org>	2017-01-19 10:35:04 +0000
commit	c8dc2b4c2045bb44a038356751e0f0428afe1171 (patch)
tree	1952cb3947dc9428c84c68111dc2b033d2143dfa /modules/pam_exec/pam_exec.c
parent	dbd1ae9516e2ff9793cf8957111d526a90716862 (diff)