check pw_passwd != NULL here too

Again, for systems with broken NIS implementations. Prompted by coolbugcheckers AT gmail.com
author: Damien Miller <djm@mindrot.org> 2018-10-11 02:29:35 +0200
committer: Damien Miller <djm@mindrot.org> 2018-10-11 02:29:35 +0200
commit: c29b111e7d87c2324ff71c80653dd8da168c13b9 (patch)
tree: 1f3bec2f9d79467c6a4f164c37d00f0f1ce0b0dd /auth-passwd.c
parent: check for NULL return from shadow_pw() (diff)
download: openssh-c29b111e7d87c2324ff71c80653dd8da168c13b9.tar.xz
openssh-c29b111e7d87c2324ff71c80653dd8da168c13b9.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/auth-passwd.c b/auth-passwd.c
index 65f525184..24fcb67b2 100644
--- a/auth-passwd.c
+++ b/auth-passwd.c
@@ -198,6 +198,9 @@ sys_auth_passwd(struct ssh *ssh, const char *password)
 	/* Just use the supplied fake password if authctxt is invalid */
 	char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd;
 
+	if (pw_password == NULL)
+		return 0;
+
 	/* Check for users with no password. */
 	if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0)
 		return (1);
author	Damien Miller <djm@mindrot.org>	2018-10-11 02:29:35 +0200
committer	Damien Miller <djm@mindrot.org>	2018-10-11 02:29:35 +0200
commit	c29b111e7d87c2324ff71c80653dd8da168c13b9 (patch)
tree	1f3bec2f9d79467c6a4f164c37d00f0f1ce0b0dd /auth-passwd.c
parent	check for NULL return from shadow_pw() (diff)
download	openssh-c29b111e7d87c2324ff71c80653dd8da168c13b9.tar.xz openssh-c29b111e7d87c2324ff71c80653dd8da168c13b9.zip