From e21fd1f344a67844925ab9a06b0f54299c94b56c Mon Sep 17 00:00:00 2001
From: "Anton D. Kachalov" <rnouse@google.com>
Date: Tue, 29 Sep 2020 23:20:57 +0200
Subject: Prevent SEGFAULT for unknown UID

When running systemd service with DynamicUser being set, the dynamic UID
might be not mapped to user name (/etc/nsswitch.conf is not configured
with systemd nss module).

The getuidname() routine might return NULL and this is not checked by callee.

Signed-off-by: Anton D. Kachalov <rnouse@google.com>
---
 modules/pam_unix/unix_chkpwd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'modules/pam_unix/unix_chkpwd.c')

diff --git a/modules/pam_unix/unix_chkpwd.c b/modules/pam_unix/unix_chkpwd.c
index 15a1c2a8..3931bab2 100644
--- a/modules/pam_unix/unix_chkpwd.c
+++ b/modules/pam_unix/unix_chkpwd.c
@@ -137,7 +137,7 @@ int main(int argc, char *argv[])
 	  user = getuidname(getuid());
 	  /* if the caller specifies the username, verify that user
 	     matches it */
-	  if (strcmp(user, argv[1])) {
+	  if (user == NULL || strcmp(user, argv[1])) {
 	    user = argv[1];
 	    /* no match -> permanently change to the real user and proceed */
 	    if (setuid(getuid()) != 0)
-- 
cgit v1.2.3