[Slackbuilds-users] [SLiM] Potential NULL pointer dereference

mancha mancha1 at hush.com
Wed Jul 3 04:55:17 UTC 2013


When SLiM uses crypt() to authenticate and it returns a NULL
pointer (as glibc 2.17+ does for invalid input such as a
locked account with a "!" prepended password field), then
logging in to such an account via SLiM crashes the daemon.

slim[1819]: segfault at 0 ip b7220909 sp bf85deb4 error 4 in libc-

I have been in touch with SLiM's primary developer and he
has committed my fix here:


This fix applies cleanly to 1.3.5 and prevents the segfaults
on Slackware-current and is fully backwards compatible
with older Slackware versions.


PS. Upon subscribing to the list, my password and other
info (name, email, etc.) were sent cleartext. Having it
go over SSL is very easy to do. Here's a good how-to:

More information about the SlackBuilds-users mailing list