Hi guys, Discovered this SEGV when trying out radiusd with bsdauth and an alternative user auth mechanism, when group checking is enabled.
If the user argument has the ":style" suffix attached to it then getpwnam(user) will return a NULL pointer. I tried just using strsep(3) to strip off the auth style and it works for me (this is probably not the safest bit of coding but i'm sure you figure out). --- usr.sbin/radiusd/radiusd_bsdauth.c.orig Fri Dec 13 22:13:13 2019 +++ usr.sbin/radiusd/radiusd_bsdauth.c Fri Dec 13 22:12:29 2019 @@ -164,7 +164,7 @@ case IMSG_BSDAUTH_GROUPCHECK: { int i; - char *user, *group; + char *user, *group, *tmp; struct passwd *pw; struct group gr0, *gr; char g_buf[4096]; @@ -189,6 +189,8 @@ group = user + args->userlen; group[args->grouplen - 1] = '\0'; + tmp = user; + user = strsep(&tmp, ":"); pw = getpwnam(user); if (getgrnam_r(group, &gr0, g_buf, sizeof(g_buf), &gr) == -1 || gr == NULL) BR, Dennis.