From 5bef5346c23583ece8308163d85522d15f714475 Mon Sep 17 00:00:00 2001
From: Andrew Deason <adeason@sinenomine.net>
Date: Wed, 13 Apr 2011 11:10:52 -0500
Subject: [PATCH] pam: Check for null upwd from getpwnam_r

The POSIX getpwnam_r can yield a NULL struct passwd pointer even when
the returned error code is 0 (in particular, when the requested entry
is not found). Just add a check for a null upwd to make sure we don't
dereference a NULL pointer.

Reviewed-on: http://gerrit.openafs.org/4469
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit fbb4c6115b9af9c52ee06fa9c979a3f4195ad342)

Change-Id: I9a8bccba7b6ecbce393ea149270e5c61ebadd05c
Reviewed-on: http://gerrit.openafs.org/6290
Tested-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
---
 src/pam/afs_auth.c     | 2 +-
 src/pam/afs_password.c | 2 +-
 src/pam/afs_setcred.c  | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/pam/afs_auth.c b/src/pam/afs_auth.c
index 53d05ad21..6e68640ac 100644
--- a/src/pam/afs_auth.c
+++ b/src/pam/afs_auth.c
@@ -183,7 +183,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
     if (i == 0)			/* getpwnam_r success */
 	upwd = &unix_pwd;
 #endif /* else AFS_HPUX110_ENV */
-    if (ignore_uid && i == 0 && upwd->pw_uid <= ignore_uid_id) {
+    if (ignore_uid && i == 0 && upwd && upwd->pw_uid <= ignore_uid_id) {
 	pam_afs_syslog(LOG_INFO, PAMAFS_IGNORINGROOT, user);
 	RET(PAM_AUTH_ERR);
     }
diff --git a/src/pam/afs_password.c b/src/pam/afs_password.c
index ff4a8717b..afd801965 100644
--- a/src/pam/afs_password.c
+++ b/src/pam/afs_password.c
@@ -127,7 +127,7 @@ pam_sm_chauthtok(pam_handle_t * pamh, int flags, int argc, const char **argv)
     if (i == 0)			/* getpwnam_r success */
 	upwd = &unix_pwd;
 #endif /* else AFS_HPUX110_ENV */
-    if (ignore_root && i == 0 && upwd->pw_uid == 0) {
+    if (ignore_root && i == 0 && upwd && upwd->pw_uid == 0) {
 	pam_afs_syslog(LOG_INFO, PAMAFS_IGNORINGROOT, user);
 	RET(PAM_AUTH_ERR);
     }
diff --git a/src/pam/afs_setcred.c b/src/pam/afs_setcred.c
index 850ba672c..573445d19 100644
--- a/src/pam/afs_setcred.c
+++ b/src/pam/afs_setcred.c
@@ -163,7 +163,7 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv)
     if (i == 0)			/* getpwnam_r success */
 	upwd = &unix_pwd;
 #endif /* AFS_HPUX110_ENV */
-    if (ignore_uid && i == 0 && upwd->pw_uid <= ignore_uid_id) {
+    if (ignore_uid && i == 0 && upwd && upwd->pw_uid <= ignore_uid_id) {
 	pam_afs_syslog(LOG_INFO, PAMAFS_IGNORINGROOT, user);
 	RET(PAM_AUTH_ERR);
     }
-- 
2.39.5