- (dtucker) [auth-pam.c] Check for buggy PAM modules that return a NULL

   appdata_ptr to the conversation function.  ok djm@

By rights we should free the messages too, but if this happens then one
of the modules has already proven itself to be buggy so can we trust
the messages?

diff --git a/ChangeLog b/ChangeLog
index 8489e3437e17fe211c4f3e59a36f44bd84fbc1e9..3bcf24786beb07605354539442a11ef6df486827 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+20040630
+ - (dtucker) [auth-pam.c] Check for buggy PAM modules that return a NULL
+   appdata_ptr to the conversation function.  ok djm@
+
 20040627
  - (tim) update README files.
  - (dtucker) [mdoc2man.awk] Bug #883: correctly recognise .Pa and .Ev macros.

diff --git a/auth-pam.c b/auth-pam.c
index 0d4335397e27ba6ffc6b163d0cb44f056b6aae7d..5d8fcded59a89c667379d542fe060cf446e57d49 100644 (file)
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -275,6 +275,10 @@ sshpam_thread_conv(int n, const struct pam_message **msg,
        debug3("PAM: %s entering, %d messages", __func__, n);
        *resp = NULL;
 
+       if (data == NULL) {
+               error("PAM: conversation function passed a null context");
+               return (PAM_CONV_ERR);
+       }
        ctxt = data;
        if (n <= 0 || n > PAM_MAX_NUM_MSG)
                return (PAM_CONV_ERR);