From 2b563debfcb329c924ad569e53f4e7ddf5f5256f Mon Sep 17 00:00:00 2001
From: djm <djm>
Date: Mon, 4 Dec 2006 22:08:54 +0000
Subject: [PATCH]  - (djm) [auth.c] Fix NULL pointer dereference in fakepw(). 
 Crash would    occur if the server did not have the privsep user and an
 invalid user    tried to login and both privsep and krb5 auth are disabled.

---
 ChangeLog | 5 +++++
 auth.c    | 4 ++--
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index e40a7f10..d747306d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+20061205
+ - (djm) [auth.c] Fix NULL pointer dereference in fakepw().  Crash would
+   occur if the server did not have the privsep user and an invalid user
+   tried to login and both privsep and krb5 auth are disabled; ok dtucker@
+
 20061108
  - (dtucker) OpenBSD CVS Sync
    - markus@cvs.openbsd.org 2006/11/07 13:02:07
diff --git a/auth.c b/auth.c
index 5d23343b..505102f8 100644
--- a/auth.c
+++ b/auth.c
@@ -569,8 +569,8 @@ fakepw(void)
 	fake.pw_passwd =
 	    "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK";
 	fake.pw_gecos = "NOUSER";
-	fake.pw_uid = privsep_pw->pw_uid;
-	fake.pw_gid = privsep_pw->pw_gid;
+	fake.pw_uid = privsep_pw == NULL ? (uid_t)-1 : privsep_pw->pw_uid;
+	fake.pw_gid = privsep_pw == NULL ? (gid_t)-1 : privsep_pw->pw_gid;
 #ifdef HAVE_PW_CLASS_IN_PASSWD
 	fake.pw_class = "";
 #endif
-- 
2.45.1