I've included a replacement for patch-saslauthd_auth_getpwent_c. If crypt() fails (because pw->pw_passwd is "*"), it returns NULL, and strcmp() fails when passed NULL. This is happening as my mail server is being probed for relay services. I have run this patch for about 2 days without a problem, whereas the original would lose a process within 2-3 hours (and completely die within a day). I only use getpwent and have not examined the other methods for similar code.
Brad
*** saslauthd/auth_getpwent.c.orig Fri Oct 12 08:05:48 2012
--- saslauthd/auth_getpwent.c Sat Nov 18 14:28:47 2017
***************
*** 78,87 ****
  /* VARIABLES */
  struct passwd *pw; /* pointer to passwd file entry */
  int errnum;
  /* END VARIABLES */
  errno = 0;
! pw = getpwnam(login);
  errnum = errno;
  endpwent();
--- 78,88 ----
  /* VARIABLES */
  struct passwd *pw; /* pointer to passwd file entry */
  int errnum;
+ char *cr;
  /* END VARIABLES */
  errno = 0;
! pw = getpwnam_shadow(login);
  errnum = errno;
  endpwent();
***************
*** 105,111 ****
  }
  }
! if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) {
  if (flags & VERBOSE) {
  syslog(LOG_DEBUG, "DEBUG: auth_getpwent: %s: invalid password", login);
  }
--- 106,113 ----
  }
  }
! cr = crypt(password, pw->pw_passwd);
! if (cr == NULL || strcmp(pw->pw_passwd, (const char *)cr)) {
  if (flags & VERBOSE) {
  syslog(LOG_DEBUG, "DEBUG: auth_getpwent: %s: invalid password", login);
  }
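Review bot: The new `char *cr;` declaration in the first hunk has no trailing comment, unlike `pw` above it, even though its NULL case is the reason for the patch; I would write `char *cr; /* crypt() result; NULL if crypt() fails */`. The changed line on this side also looks the user up with `getpwnam_shadow()`, which as far as I know is OpenBSD-specific, so a short comment marking it as a ports-local change would help anyone comparing against upstream. The function starts before and continues after this hunk, so whether a NULL `pw` is rejected before `pw->pw_passwd` is read cannot be confirmed from here.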
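Review bot: In the second hunk the hash is still compared with a plain `strcmp()`, which returns at the first differing byte, and a `crypt()` failure is reported with the same "invalid password" text as a wrong password. Because the first hunk already depends on `getpwnam_shadow()`, OpenBSD's `crypt_checkpass(3)` looks like the better fit: `if (crypt_checkpass(password, pw->pw_passwd) != 0) {` should cover both the locked-account `"*"` hash and the comparison in one call, and `cr` would then be unnecessary. If `crypt()` is kept, a separate VERBOSE message for the `cr == NULL` branch would let an operator distinguish probes against locked accounts from genuine password failures. The enclosing function continues outside the hunk.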