illumos-gate Udiff usr/src/lib/libpam/pam

Print this page

10104 pam_set_data() dereferences pointer before checking for NULL

@@ -21,10 +21,14 @@
 /*
  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
+/*
+ * Copyright (c) 2019, Joyent, Inc.
+ */
+
 #include <syslog.h>
 #include <dlfcn.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <stdlib.h>

@@ -795,12 +799,12 @@
 {
         struct pam_module_data *psd;
 
         pam_trace(PAM_DEBUG_DATA,
             "pam_set_data(%p:%s:%d)=%p", (void *)pamh,
-            module_data_name ? module_data_name : "NULL", pamh->pam_inmodule,
-            data);
+            (module_data_name != NULL) ? module_data_name : "NULL",
+            (pamh != NULL) ? pamh->pam_inmodule : -1, data);
         if (pamh == NULL || (pamh->pam_inmodule != WO_OK) ||
             module_data_name == NULL) {
                 return (PAM_SYSTEM_ERR);
         }