diff -urN Linux-PAM-0.99.7.1.orig/modules/pam_unix/support.c Linux-PAM-0.99.7.1/modules/pam_unix/support.c
--- Linux-PAM-0.99.7.1.orig/modules/pam_unix/support.c	2007-01-23 10:41:21.000000000 +0100
+++ Linux-PAM-0.99.7.1/modules/pam_unix/support.c	2007-02-04 20:00:16.992352631 +0100
@@ -694,13 +695,13 @@
 	    } else {
 		if (!strncmp(salt, "$1$", 3)) {
 		    pp = Goodcrypt_md5(p, salt);
-		    if (strcmp(pp, salt) != 0) {
+		    if (pp && strcmp(pp, salt) != 0) {
 			_pam_delete(pp);
 			pp = Brokencrypt_md5(p, salt);
 		    }
 		} else if (*salt != '$' && salt_len >= 13) {
 		    pp = bigcrypt(p, salt);
-		    if (strlen(pp) > salt_len) {
+		    if (pp && strlen(pp) > salt_len) {
 			pp[salt_len] = '\0';
 		    }
 		} else {
@@ -715,7 +718,7 @@
 		/* the moment of truth -- do we agree with the password? */
 		D(("comparing state of pp[%s] and salt[%s]", pp, salt));
 
-		if (strcmp(pp, salt) == 0) {
+		if (pp && strcmp(pp, salt) == 0) {
 		    retval = PAM_SUCCESS;
 		} else {
 		    retval = PAM_AUTH_ERR;
diff -urN Linux-PAM-0.99.7.1.orig/modules/pam_unix/unix_chkpwd.c Linux-PAM-0.99.7.1/modules/pam_unix/unix_chkpwd.c
--- Linux-PAM-0.99.7.1.orig/modules/pam_unix/unix_chkpwd.c	2006-10-24 12:01:49.000000000 +0200
+++ Linux-PAM-0.99.7.1/modules/pam_unix/unix_chkpwd.c	2007-02-04 19:53:39.269687706 +0100
@@ -196,20 +197,20 @@
 	retval = PAM_AUTH_ERR;
 	if (!strncmp(salt, "$1$", 3)) {
 		pp = Goodcrypt_md5(p, salt);
-		if (strcmp(pp, salt) == 0) {
+		if (pp && strcmp(pp, salt) == 0) {
 			retval = PAM_SUCCESS;
 		} else {
 			pp = Brokencrypt_md5(p, salt);
-			if (strcmp(pp, salt) == 0)
+			if (pp && strcmp(pp, salt) == 0)
 				retval = PAM_SUCCESS;
 		}
 	} else if (*salt == '$') {
 	        /*
 		 * Ok, we don't know the crypt algorithm, but maybe
 		 * libcrypt nows about it? We should try it.
 		 */
 	        pp = x_strdup (crypt(p, salt));
-		if (strcmp(pp, salt) == 0) {
+		if (pp && strcmp(pp, salt) == 0) {
 			retval = PAM_SUCCESS;
 		}
 	} else if ((*salt == '*') || (salt_len < 13)) {
@@ -225,7 +230,7 @@
 		 * stored string with the subset of bigcrypt's result.
 		 * Bug 521314: the strncmp comparison is for legacy support.
 		 */
-		if (strncmp(pp, salt, salt_len) == 0) {
+		if (pp && strncmp(pp, salt, salt_len) == 0) {
 			retval = PAM_SUCCESS;
 		}
 	}