Handle empty argv

[opendoas.git] / doas.c

diff --git a/doas.c b/doas.c
index a99b964105e3465adb2c947bc974a0610cb87f70..d348d2554b6f23a5c364ccccc8c8ce64cc09bf58 100644 (file)
--- a/doas.c
+++ b/doas.c
@@ -273,6 +273,11 @@ main(int argc, char **argv)
        const char *cwd;
        char **envp;
 
+       if (argc <= 0 || argv == NULL || argv[0] == NULL) {
+               fprintf(stderr, "doas: executed without argv\n");
+               exit(1);
+       }
+
        setprogname("doas");
 
        closefrom(STDERR_FILENO + 1);
@@ -362,7 +367,6 @@ main(int argc, char **argv)
                errc(1, EPERM, NULL);
        }
 
-#if defined(USE_SHADOW)
        if (!(rule->options & NOPASS)) {
                if (nflag)
                        errx(1, "Authentication required");
@@ -371,12 +375,6 @@ main(int argc, char **argv)
                if (ret == 5)
                        authfail(rule->options & INSULT);
        }
-#elif !defined(USE_PAM)
-       /* no authentication provider, only allow NOPASS rules */
-       (void) nflag;
-       if (!(rule->options & NOPASS))
-               errx(1, "Authentication required");
-#endif
 
        if ((p = getenv("PATH")) != NULL)
                formerpath = strdup(p);
@@ -394,11 +392,6 @@ main(int argc, char **argv)
        if (targpw == NULL)
                errx(1, "no passwd entry for target");
 
-#if defined(USE_PAM)
-       pamauth(targpw->pw_name, mypw->pw_name, !nflag, rule->options & NOPASS,
-           rule->options & PERSIST);
-#endif
-
 #ifdef HAVE_LOGIN_CAP_H
        if (setusercontext(NULL, targpw, target, LOGIN_SETGROUP |
            LOGIN_SETPATH |