From c69cf93bfb3a221d9106f3695aa16e11f7e8b7fb Mon Sep 17 00:00:00 2001
From: Sergey Vojtovich <svoj@mariadb.org>
Date: Wed, 16 Sep 2015 17:24:34 +0400
Subject: [PATCH] MDEV-8673 - [PATCH] Missing Sanity Check for strndup() in
 MariaDB 10.0.2x

Contributed by Bill Parker.

Added check for strndup() return value.
---
 plugin/auth_pam/auth_pam.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/plugin/auth_pam/auth_pam.c b/plugin/auth_pam/auth_pam.c
index fbca8bf9e93..3e3462d3ba0 100644
--- a/plugin/auth_pam/auth_pam.c
+++ b/plugin/auth_pam/auth_pam.c
@@ -98,7 +98,8 @@ static int conv(int n, const struct pam_message **msg,
       if (pkt_len < 0)
         return PAM_CONV_ERR;
       /* allocate and copy the reply to the response array */
-      (*resp)[i].resp = strndup((char*)pkt, pkt_len);
+      if (!((*resp)[i].resp= strndup((char*) pkt, pkt_len)))
+        return PAM_CONV_ERR;
       param->ptr = param->buf + 1;
     }
   }