From dfb6daca1fc398949fcba19e030748ebe8487de2 Mon Sep 17 00:00:00 2001
From: William Lallemand
Date: Tue, 26 May 2026 14:08:38 +0200
Subject: [PATCH] BUG/MEDIUM: auth: fix unconfigured password NULL deref

Fix a case of dereference NULL pointer when trying to use an user from an userlist which does not have a password configured. The check_user() function tries to do an strcmp of the password, howver u->pass is NULL and the strcmp would crash when trying. Must be backported in every stable branches.
---
 src/auth.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/auth.c b/src/auth.c
index f2380753a..d82cead9c 100644
--- a/src/auth.c
+++ b/src/auth.c
@@ -297,7 +297,7 @@ check_user(struct userlist *ul, const char *user, const char *pass)
 fprintf(stderr, ", crypt=%s\n", ((ep) ? ep : ""));
 #endif
 
- if (ep && strcmp(ep, u->pass) == 0)
+ if (ep && u->pass && strcmp(ep, u->pass) == 0)
 return 1;
 else
 return 0;
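Review bot: The `u->pass` guard is added only at the final `strcmp`, so any earlier use of `u->pass` in check_user() would still see the NULL pointer; the code that derives `ep` lies above this hunk and is not visible here, so this needs checking. If such a use exists, an early `if (!u->pass) return 0;` right after the user lookup would cover every path and keep the failure closed (authentication denied), as the new condition already does. A short comment on the condition, such as `/* a user with no configured password never authenticates */`, would record why the check is there. Since the fix is to be backported to every stable branch, a regression test with a userlist entry that has no password would keep the crash from coming back.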