This stops /bin/login segfaulting when giving it a bad UID. However, the fact that the UID does not exist is still leaked, since libshouldbeinlibc/idvec-verify.c:verify_id falls back on asking for the root password, and indicates this by changing the prompt to "Password for root".
James Clarke (1): Add missing null checks in libshouldbeinlibc libshouldbeinlibc/idvec-rep.c | 4 ++-- libshouldbeinlibc/idvec-verify.c | 7 ++++--- 2 files changed, 6 insertions(+), 5 deletions(-) -- 2.5.3