1 files changed, 10 insertions, 8 deletions

diff --git a/auth/passwd.c b/auth/passwd.c
index 0cee8a303..bea1ac051 100644
--- a/auth/passwd.c
+++ b/auth/passwd.c
@@ -73,14 +73,14 @@ passwd_verify(pw, pass, auth)
     char sav, *epass;
     char *pw_epasswd = auth->data;
     size_t pw_len;
-    int error;
+    int matched = 0;
 
     pw_len = strlen(pw_epasswd);
 
 #ifdef HAVE_GETAUTHUID
     /* Ultrix shadow passwords may use crypt16() */
-    error = strcmp(pw_epasswd, (char *) crypt16(pass, pw_epasswd));
-    if (!error)
+    epass = (char *) crypt16(pass, pw_epasswd);
+    if (epass != NULL && strcmp(pw_epasswd, epass) == 0)
 	return AUTH_SUCCESS;
 #endif /* HAVE_GETAUTHUID */
 
@@ -99,12 +99,14 @@ passwd_verify(pw, pass, auth)
      */
     epass = (char *) crypt(pass, pw_epasswd);
     pass[8] = sav;
-    if (HAS_AGEINFO(pw_epasswd, pw_len) && strlen(epass) == DESLEN)
-	error = strncmp(pw_epasswd, epass, DESLEN);
-    else
-	error = strcmp(pw_epasswd, epass);
+    if (epass != NULL) {
+	if (HAS_AGEINFO(pw_epasswd, pw_len) && strlen(epass) == DESLEN)
+	    matched = !strncmp(pw_epasswd, epass, DESLEN);
+	else
+	    matched = !strcmp(pw_epasswd, epass);
+    }
 
-    return error ? AUTH_FAILURE : AUTH_SUCCESS;
+    return matched ? AUTH_SUCCESS : AUTH_FAILURE;
 }
 
 int