From 0fda2dfa8c91818085202f278ab913cc9e9bf8f1 Mon Sep 17 00:00:00 2001
From: Timo Sirainen <tss@iki.fi>
Date: Wed, 26 Feb 2003 23:27:17 +0200
Subject: [PATCH] Invalid PLAIN auth request crashed auth process.

--HG--
branch : HEAD
---
 src/auth/mech-plain.c | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/src/auth/mech-plain.c b/src/auth/mech-plain.c
index 7ecb826cc0..87549c1e1f 100644
--- a/src/auth/mech-plain.c
+++ b/src/auth/mech-plain.c
@@ -42,12 +42,17 @@ mech_plain_auth_continue(struct auth_request *auth_request,
 		}
 	}
 
-	/* split and save user/realm */
-	auth_request->user = p_strdup(auth_request->pool, authenid);
-	passdb->verify_plain(auth_request, pass, verify_callback);
+	if (authenid == NULL) {
+		/* invalid input */
+		mech_auth_finish(auth_request, NULL, 0, FALSE);
+	} else {
+		/* split and save user/realm */
+		auth_request->user = p_strdup(auth_request->pool, authenid);
+		passdb->verify_plain(auth_request, pass, verify_callback);
 
-	/* make sure it's cleared */
-	safe_memset(pass, 0, strlen(pass));
+		/* make sure it's cleared */
+		safe_memset(pass, 0, strlen(pass));
+	}
 	return TRUE;
 }
 
-- 
2.47.3