From c07dd162fe2caf7c2e5772e572ca17f59481088e Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Fri, 20 Mar 2020 11:46:22 +0100
Subject: [PATCH] Avoid dereference of potentially null arguments

---
 pam_user_authorized_keys.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/pam_user_authorized_keys.c b/pam_user_authorized_keys.c
index abe7a15..5787a1a 100644
--- a/pam_user_authorized_keys.c
+++ b/pam_user_authorized_keys.c
@@ -158,11 +158,12 @@ parse_authorized_key_file(const char *user,
 int
 pam_user_key_allowed(const char *ruser, Key * key)
 {
+    struct passwd *pw;
     return
-        pamsshagentauth_user_key_allowed2(getpwuid(authorized_keys_file_allowed_owner_uid),
-                                          key, authorized_keys_file)
-        || pamsshagentauth_user_key_allowed2(getpwuid(0), key,
-                                             authorized_keys_file)
+        ( (pw = getpwuid(authorized_keys_file_allowed_owner_uid)) &&
+            pamsshagentauth_user_key_allowed2(pw, key, authorized_keys_file))
+        || ((pw = getpwuid(0)) &&
+            pamsshagentauth_user_key_allowed2(pw, key, authorized_keys_file))
         || pamsshagentauth_user_key_command_allowed2(authorized_keys_command,
                                                      authorized_keys_command_user,
                                                      getpwnam(ruser), key);