2 files changed, 8 insertions, 2 deletions

diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c
index 816668f5..2ea57cc6 100644
--- a/modules/pam_unix/pam_unix_passwd.c
+++ b/modules/pam_unix/pam_unix_passwd.c
@@ -813,6 +813,12 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
 	} else {
 		struct passwd *pwd;
 		_unix_getpwnam(pamh, user, 1, 1, &pwd);
+		if (pwd == NULL) {
+			_log_err(LOG_DEBUG, pamh,
+				"user \"%s\" has corrupted passwd entry",
+				user);
+			return PAM_USER_UNKNOWN;
+		}
 		if (!_unix_shadowed(pwd) &&
 		    (strchr(pwd->pw_passwd, '*') != NULL)) {
 			_log_err(LOG_DEBUG, pamh,
diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c
index 5b23b8e9..5138a875 100644
--- a/modules/pam_unix/support.c
+++ b/modules/pam_unix/support.c
@@ -390,14 +390,14 @@ int _unix_getpwnam(pam_handle_t *pamh, const char *name,
 		}
 		memset(*ret, '\0', buflen);
 
-		(*ret)->pw_uid = strtol(suid, &p, 0);
+		(*ret)->pw_uid = strtol(suid, &p, 10);
 		if ((strlen(sgid) == 0) || (*p != '\0')) {
 			free(*ret);
 			*ret = NULL;
 			return matched;
 		}
 
-		(*ret)->pw_gid = strtol(sgid, &p, 0);
+		(*ret)->pw_gid = strtol(sgid, &p, 10);
 		if ((strlen(sgid) == 0) || (*p != '\0')) {
 			free(*ret);
 			*ret = NULL;