Check if auth_user is set.

Fixes a crash if password packet appears before startup packet (#42).

diff --git a/src/client.c b/src/client.c
index 275fd1aaa675fa5694c8452bd40610a1a4918c9d..49b262445a1ca126783686963669899e073ab5b4 100644 (file)
--- a/src/client.c
+++ b/src/client.c
@@ -39,6 +39,12 @@ static bool check_client_passwd(PgSocket *client, const char *passwd)
        const char *correct;
        PgUser *user = client->auth_user;
 
+       /* auth_user may be missing */
+       if (!user) {
+               slog_error(client, "Password packet before auth packet?");
+               return false;
+       }
+
        /* disallow empty passwords */
        if (!*passwd || !*user->passwd)
                return false;