pam_exec: fix a potential null pointer dereference

Fix a null pointer dereference when pam_prompt returns PAM_SUCCESS
but the response is set to NULL.

* modules/pam_exec/pam_exec.c (call_exec): Do not invoke strndupa
with a null pointer.

Closes: https://github.com/linux-pam/linux-pam/pull/2

diff --git a/modules/pam_exec/pam_exec.c b/modules/pam_exec/pam_exec.c
index f7de1aa504ade6f08be118afe5d6e704b49f0e35..52dc6818d5bb7c3efb863a84c45d860e325b492c 100644 (file)
--- a/modules/pam_exec/pam_exec.c
+++ b/modules/pam_exec/pam_exec.c
@@ -177,9 +177,12 @@ call_exec (const char *pam_type, pam_handle_t *pamh,
                  return retval;
                }
 
-             pam_set_item (pamh, PAM_AUTHTOK, resp);
-             authtok = strndupa (resp, PAM_MAX_RESP_SIZE);
-             _pam_drop (resp);
+             if (resp)
+               {
+                 pam_set_item (pamh, PAM_AUTHTOK, resp);
+                 authtok = strndupa (resp, PAM_MAX_RESP_SIZE);
+                 _pam_drop (resp);
+               }
            }
          else
            authtok = strndupa (void_pass, PAM_MAX_RESP_SIZE);