From c29b111e7d87c2324ff71c80653dd8da168c13b9 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 11 Oct 2018 11:29:35 +1100 Subject: [PATCH] check pw_passwd != NULL here too Again, for systems with broken NIS implementations. Prompted by coolbugcheckers AT gmail.com --- auth-passwd.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/auth-passwd.c b/auth-passwd.c index 65f525184..24fcb67b2 100644 --- a/auth-passwd.c +++ b/auth-passwd.c @@ -198,6 +198,9 @@ sys_auth_passwd(struct ssh *ssh, const char *password) /* Just use the supplied fake password if authctxt is invalid */ char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd; + if (pw_password == NULL) + return 0; + /* Check for users with no password. */ if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0) return (1);