From fe8e8f349a553ef4c567acd418aac769a82b7729 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 11 Oct 2018 11:03:15 +1100 Subject: [PATCH] check for NULL return from shadow_pw() probably unreachable on this platform; pointed out by coolbugcheckers AT gmail.com --- openbsd-compat/port-uw.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/openbsd-compat/port-uw.c b/openbsd-compat/port-uw.c index 9edb1b481..132213131 100644 --- a/openbsd-compat/port-uw.c +++ b/openbsd-compat/port-uw.c @@ -60,6 +60,9 @@ sys_auth_passwd(struct ssh *ssh, const char *password) /* Just use the supplied fake password if authctxt is invalid */ char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd; + if (pw_password == NULL) + return 0; + /* Check for users with no password. */ if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0) return (1);