main/pam-pgsql/CVE-2013-0191.patch


1
2
3
4
5
6
7
8
9
10
11

--- ./src/backend_pgsql.c.orig	2013-02-07 13:06:48.982679657 +0000
+++ ./src/backend_pgsql.c	2013-02-07 13:09:00.973830056 +0000
@@ -258,7 +258,7 @@
 	if(pg_execParam(conn, &res, options->query_auth, service, user, passwd, rhost) == PAM_SUCCESS) {
 		if(PQntuples(res) == 0) {
 			rc = PAM_USER_UNKNOWN;
-		} else {
+		} else if (!PQgetisnull(res, 0, 0)) {
 			char *stored_pw = PQgetvalue(res, 0, 0);
 			if (!strcmp(stored_pw, (tmp = password_encrypt(options, user, passwd, stored_pw)))) rc = PAM_SUCCESS;
 			free (tmp);