check pw_passwd != NULL here too Again, for systems with broken NIS implementations. Prompted by coolbugcheckers AT gmail.com

commit: c29b111e7d87c2324ff71c80653dd8da168c13b9 [log] [tgz]
author: Damien Miller <djm@mindrot.org> Thu Oct 11 11:29:35 2018 +1100
committer: Damien Miller <djm@mindrot.org> Thu Oct 11 11:29:35 2018 +1100
tree: 1f3bec2f9d79467c6a4f164c37d00f0f1ce0b0dd
parent: fe8e8f349a553ef4c567acd418aac769a82b7729 [diff] [blame]
diff --git a/auth-passwd.c b/auth-passwd.c
index 65f5251..24fcb67 100644
--- a/auth-passwd.c
+++ b/auth-passwd.c

@@ -198,6 +198,9 @@
 	/* Just use the supplied fake password if authctxt is invalid */
 	char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd;
 
+	if (pw_password == NULL)
+		return 0;
+
 	/* Check for users with no password. */
 	if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0)
 		return (1);
commit	c29b111e7d87c2324ff71c80653dd8da168c13b9	[log] [tgz]
author	Damien Miller <djm@mindrot.org>	Thu Oct 11 11:29:35 2018 +1100
committer	Damien Miller <djm@mindrot.org>	Thu Oct 11 11:29:35 2018 +1100
tree	1f3bec2f9d79467c6a4f164c37d00f0f1ce0b0dd
parent	fe8e8f349a553ef4c567acd418aac769a82b7729 [diff] [blame]