From: Aki Tuomi <aki.tuomi@dovecot.fi>
Date: Tue, 16 Aug 2016 11:46:08 +0000 (+0300)
Subject: auth: Ensure username can't be left unset in APOP
X-Git-Tag: 2.2.26~341
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=45e3aa0de1aee458cda09adda7bfd9db18fd782b;p=thirdparty%2Fdovecot%2Fcore.git

auth: Ensure username can't be left unset in APOP

Makes static analysers happy
---

diff --git a/src/auth/mech-apop.c b/src/auth/mech-apop.c
index 4c7a530876..aed248d49f 100644
--- a/src/auth/mech-apop.c
+++ b/src/auth/mech-apop.c
@@ -101,6 +101,12 @@ mech_apop_auth_initial(struct auth_request *auth_request,
 		username = ++tmp;
 		while (tmp != end && *tmp != '\0')
 			tmp++;
+	} else {
+		/* should never happen */
+		auth_request_log_info(auth_request, AUTH_SUBSYS_MECH,
+			"malformed data");
+		auth_request_fail(auth_request);
+		return;
 	}
 
 	if (tmp + 1 + 16 != end) {