diff options
author | cognet <cognet@FreeBSD.org> | 2006-03-28 15:30:42 +0000 |
---|---|---|
committer | cognet <cognet@FreeBSD.org> | 2006-03-28 15:30:42 +0000 |
commit | bd709e58838dbec13072e2c972b632e5bcf5a583 (patch) | |
tree | eb3c6616fe1ff5021c7ea358b8afbe9603d995c3 | |
parent | 332f3f5a7b651b0922cbb5efbb768487a44caad5 (diff) | |
download | FreeBSD-src-bd709e58838dbec13072e2c972b632e5bcf5a583.zip FreeBSD-src-bd709e58838dbec13072e2c972b632e5bcf5a583.tar.gz |
Don't call audit_logout() if pwd is NULL, as audit_logout() attempts to
dereference it.
This will happen if we ^D at the Login: prompt without having provided a
valid login before.
Set pwd to NULL on bad login attempts to prevent audit_logout() from being
called for a user which didn't actually log on.
Reported by: Jerome Magnin jethro at docisland dot org
-rw-r--r-- | usr.bin/login/login.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/usr.bin/login/login.c b/usr.bin/login/login.c index f23467d..b7aa278 100644 --- a/usr.bin/login/login.c +++ b/usr.bin/login/login.c @@ -343,6 +343,8 @@ main(int argc, char *argv[]) (void)printf("Login incorrect\n"); failures++; + pwd = NULL; + /* * Allow up to 'retry' (10) attempts, but start * backing off after 'backoff' (3) attempts. @@ -951,7 +953,8 @@ bail(int sec, int eval) { pam_cleanup(); - audit_logout(); + if (pwd != NULL) + audit_logout(); (void)sleep(sec); exit(eval); } |