RESPONDER: Fix segfault in sss_packet_send()

There are several places (all error-handling) where sss_cmd_done()
is called with no response packet created. As a short-term
solution, we need to check whether the packet is NULL and simply
return EINVAL. client_send() (the consumer) will then forcibly
disconnect the client (which will return PAM_SYSTEM_ERR to the
client).

1 files changed, 5 insertions, 0 deletions

diff --git a/src/responder/common/responder_packet.c b/src/responder/common/responder_packet.c
index d308ecd43..5132d955b 100644
--- a/src/responder/common/responder_packet.c
+++ b/src/responder/common/responder_packet.c
@@ -217,6 +217,11 @@ int sss_packet_send(struct sss_packet *packet, int fd)
     size_t len;
     void *buf;
 
+    if (!packet) {
+        /* No packet object to write to? */
+        return EINVAL;
+    }
+
     buf = packet->buffer + packet->iop;
     len = *packet->len - packet->iop;