--- Owl/packages/popa3d/popa3d/auth_passwd.c	2002/03/20 17:08:45	1.1
+++ Owl/packages/popa3d/popa3d/auth_passwd.c	2012/08/15 09:06:39	1.2
@@ -26,9 +26,11 @@ struct passwd *auth_userpass(char *user,
 	if (!pw || !*pw->pw_passwd ||
 	    *pw->pw_passwd == '*' || *pw->pw_passwd == '!')
 		crypt(pass, AUTH_DUMMY_SALT);
-	else
-	if (!strcmp(crypt(pass, pw->pw_passwd), pw->pw_passwd))
-		result = pw;
+	else {
+		char *hash = crypt(pass, pw->pw_passwd);
+		if (hash && !strcmp(hash, pw->pw_passwd))
+			result = pw;
+	}
 
 	if (pw)
 		memset(pw->pw_passwd, 0, strlen(pw->pw_passwd));
--- Owl/packages/popa3d/popa3d/auth_shadow.c	2006/03/05 13:18:32	1.2
+++ Owl/packages/popa3d/popa3d/auth_shadow.c	2012/08/15 09:06:39	1.3
@@ -52,9 +52,11 @@ struct passwd *auth_userpass(char *user,
 		if (!(spw = getspnam(user)) || !pw || !*spw->sp_pwdp ||
 		    *spw->sp_pwdp == '*' || *spw->sp_pwdp == '!')
 			crypt(pass, AUTH_DUMMY_SALT);
-		else
-		if (!strcmp(crypt(pass, spw->sp_pwdp), spw->sp_pwdp))
-			result = 1;
+		else {
+			char *hash = crypt(pass, spw->sp_pwdp);
+			if (hash && !strcmp(hash, spw->sp_pwdp))
+				result = 1;
+		}
 		write(channel[1], &result, 1);
 		exit(0);
 	}
--- Owl/packages/popa3d/popa3d/virtual.c	2006/03/07 03:30:15	1.3
+++ Owl/packages/popa3d/popa3d/virtual.c	2012/08/15 09:06:39	1.4
@@ -175,8 +175,11 @@ struct passwd *virtual_userpass(char *us
 	endpwent();
 
 	result = NULL;
-	if (!strcmp(crypt(pass, passwd), passwd) && !fail)
-		result = pw;
+	{
+		char *computed_hash = crypt(pass, passwd);
+		if (computed_hash && !strcmp(computed_hash, passwd) && !fail)
+			result = pw;
+	}
 
 	memset(auth, 0, sizeof(auth));