- (djm) [auth.c] Fix NULL pointer dereference in fakepw(). Crash would occur if the server did not have the privsep user and an invalid user tried to login and both privsep and krb5 auth are disabled.

commit: 143c2ef1ce072966d27d269d9acfed08796c390c [log] [tgz]
author: Damien Miller <djm@mindrot.org> Tue Dec 05 09:08:54 2006 +1100
committer: Damien Miller <djm@mindrot.org> Tue Dec 05 09:08:54 2006 +1100
tree: 22dc2642d155e05bac3bdd60cc2f2ffdebe0cc79
parent: b0781f79db208900b2d0fd4a1ee69e121bf37792 [diff] [blame]
diff --git a/auth.c b/auth.c
index 5d23343..505102f 100644
--- a/auth.c
+++ b/auth.c

@@ -569,8 +569,8 @@
 	fake.pw_passwd =
 	    "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK";
 	fake.pw_gecos = "NOUSER";
-	fake.pw_uid = privsep_pw->pw_uid;
-	fake.pw_gid = privsep_pw->pw_gid;
+	fake.pw_uid = privsep_pw == NULL ? (uid_t)-1 : privsep_pw->pw_uid;
+	fake.pw_gid = privsep_pw == NULL ? (gid_t)-1 : privsep_pw->pw_gid;
 #ifdef HAVE_PW_CLASS_IN_PASSWD
 	fake.pw_class = "";
 #endif
commit	143c2ef1ce072966d27d269d9acfed08796c390c	[log] [tgz]
author	Damien Miller <djm@mindrot.org>	Tue Dec 05 09:08:54 2006 +1100
committer	Damien Miller <djm@mindrot.org>	Tue Dec 05 09:08:54 2006 +1100
tree	22dc2642d155e05bac3bdd60cc2f2ffdebe0cc79
parent	b0781f79db208900b2d0fd4a1ee69e121bf37792 [diff] [blame]