From: Timo Sirainen <tss@iki.fi>
Date: Thu, 29 Oct 2015 12:09:52 +0000 (+0200)
Subject: auth: Avoid a crash by not trying to save empty delayed credentials.
X-Git-Tag: 2.2.20.rc1~114
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d3b2c07f93399cdeceb35f99c5006d72fe9381bd;p=thirdparty%2Fdovecot%2Fcore.git

auth: Avoid a crash by not trying to save empty delayed credentials.
---

diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c
index 344d45a606..95dfe1e44b 100644
--- a/src/auth/auth-request.c
+++ b/src/auth/auth-request.c
@@ -810,7 +810,7 @@ auth_request_lookup_credentials_finish(enum passdb_result result,
 	if (!auth_request_handle_passdb_callback(&result, request)) {
 		/* try next passdb */
 		if (request->skip_password_check &&
-		    request->delayed_credentials == NULL) {
+		    request->delayed_credentials == NULL && size > 0) {
 			/* passdb continue* rule after a successful lookup.
 			   remember these credentials and use them later on. */
 			unsigned char *dup;