From 57166b400c25c2e45b23639a413edc3620cf2812 Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@ucc.asn.au>
Date: Mon, 29 Apr 2013 23:42:37 +0800
Subject: [PATCH] Avoid segfault for locked accounts (invalid salt to crypt())

---
 svr-authpasswd.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/svr-authpasswd.c b/svr-authpasswd.c
index 38fccc2e..17dd2a1b 100644
--- a/svr-authpasswd.c
+++ b/svr-authpasswd.c
@@ -66,6 +66,14 @@ void svr_auth_password() {
 	m_burn(password, passwordlen);
 	m_free(password);
 
+	if (testcrypt == NULL) {
+		/* crypt() with an invalid salt like "!!" */
+		dropbear_log(LOG_WARNING, "User account '%s' is locked",
+				ses.authstate.pw_name);
+		send_msg_userauth_failure(0, 1);
+		return;
+	}
+
 	/* check for empty password */
 	if (passwdcrypt[0] == '\0') {
 		dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected",
-- 
GitLab