diff options
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | auth-passwd.c | 3 |
2 files changed, 6 insertions, 1 deletions
@@ -1,3 +1,7 @@ +20120426 + - (djm) [auth-passwd.c] Handle crypt() returning NULL; from Paul Wouters + via Niels + 20120423 - OpenBSD CVS Sync - djm@cvs.openbsd.org 2012/04/23 08:18:17 diff --git a/auth-passwd.c b/auth-passwd.c index b1c6ce09..68bbd18d 100644 --- a/auth-passwd.c +++ b/auth-passwd.c @@ -209,6 +209,7 @@ sys_auth_passwd(Authctxt *authctxt, const char *password) * Authentication is accepted if the encrypted passwords * are identical. */ - return (strcmp(encrypted_password, pw_password) == 0); + return encrypted_password != NULL && + strcmp(encrypted_password, pw_password) == 0; } #endif |