From 2b5457bbf7352200f7bc77795adbbcfd47550855 Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tm@t8m.info>
Date: Thu, 28 Jul 2005 10:16:55 +0000
Subject: Relevant BUGIDs: Red Hat bz #164418

Purpose of commit: bugfix

Commit summary:
---------------
pam_userdb: Fix regression - crash when crypt param not specified
---
 CHANGELOG                       | 1 +
 modules/pam_userdb/pam_userdb.c | 9 +++++----
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index cb407caa..57a4b28d 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -71,6 +71,7 @@ BerliOS Bugs are marked with (BerliOS #XXXX).
 * defs: Remove obsolete directory/content (kukuk)
 * Rename _pam_aconf.h.in to config.h (kukuk)
 * pam_unix: Don't ignore pam_get_item return value (kukuk)
+* pam_userdb: Fix regression - crash when crypt param not specified (t8m)
 
 0.80: Wed Jul 13 13:23:20 CEST 2005
 * pam_tally: test for NULL data before dereferencing them (t8m)
diff --git a/modules/pam_userdb/pam_userdb.c b/modules/pam_userdb/pam_userdb.c
index 09467877..87a6ffd5 100644
--- a/modules/pam_userdb/pam_userdb.c
+++ b/modules/pam_userdb/pam_userdb.c
@@ -164,8 +164,8 @@ user_lookup (const char *database, const char *cryptmode,
     }
 
     if (ctrl & PAM_DEBUG_ARG) {
-	_pam_log(LOG_INFO, "password in database is [%p]`%s', len is %d",
-		 data.dptr, (char *) data.dptr, data.dsize);
+	_pam_log(LOG_INFO, "password in database is [%p]`%.*s', len is %d",
+		 data.dptr, data.dsize, (char *) data.dptr, data.dsize);
     }
 
     if (data.dptr != NULL) {
@@ -177,7 +177,7 @@ user_lookup (const char *database, const char *cryptmode,
 	    return 0; /* found it, data contents don't matter */
 	}
 
-	if (strncasecmp(cryptmode, "crypt", 5) == 0) {
+	if (cryptmode && strncasecmp(cryptmode, "crypt", 5) == 0) {
 
 	  /* crypt(3) password storage */
 
@@ -219,7 +219,8 @@ user_lookup (const char *database, const char *cryptmode,
 	    compare = strncmp(data.dptr, pass, data.dsize);
 	}
 
-	  if (strncasecmp(cryptmode, "none", 4) && ctrl & PAM_DEBUG_ARG) {
+	  if (cryptmode && strncasecmp(cryptmode, "none", 4) 
+		&& (ctrl & PAM_DEBUG_ARG)) {
 	    _pam_log(LOG_INFO, "invalid value for crypt parameter: %s",
 		     cryptmode);
 	    _pam_log(LOG_INFO, "defaulting to plaintext password mode");
-- 
cgit v1.2.3