From 1bde7d8c5cff8adc1ac9304cc6b0ef92aec74b51 Mon Sep 17 00:00:00 2001
From: Jon Trulson <jon@radscan.com>
Date: Sat, 27 Dec 2014 16:06:23 -0700
Subject: [PATCH] dtsession/SmLock: potential null deref (CID 87561, 87957,
 88181)

---
 cde/programs/dtsession/SmLock.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/cde/programs/dtsession/SmLock.c b/cde/programs/dtsession/SmLock.c
index 25069851..fb45d37c 100644
--- a/cde/programs/dtsession/SmLock.c
+++ b/cde/programs/dtsession/SmLock.c
@@ -162,7 +162,8 @@ static Boolean CanReAuthenticate(char *name, uid_t uid, char *passwd,
   Boolean fail = False;
 
   *pwent = (name == NULL) ? getpwuid(uid) : getpwnam(name);
-  *spent = getspnam((*pwent)->pw_name);
+  if (pwent)
+    *spent = getspnam((*pwent)->pw_name);
 
 #ifdef JET_AUTHDEBUG
   fprintf(stderr, "CanReAuthenticate(): %s %s %s\n",
-- 
2.25.1