diff -Naur apg-2.3.0b-orig/restrict.c apg-2.3.0b/restrict.c

--- apg-2.3.0b-orig/restrict.c	2003-08-07 11:40:39.000000000 -0400

+++ apg-2.3.0b/restrict.c	2012-04-23 15:01:38.968745907 -0400

@@ -54,6 +54,10 @@

  FILE *dct;

  char *string;

  char *tmp;

+

+ if( pass == NULL)

+   return(-1);

+

  if( (string = (char *) calloc(1,MAX_DICT_STRING_SIZE)) == NULL)

    return(-1);

@@ -140,13 +144,17 @@

 paranoid_bloom_check_pass (char * password, char *filter, USHORT s_len)

 {

  char * substring;

- int len = strlen(password); /* string length                      */

+ int len = 0;

  int c_substr_start_pos = 0; /* current start position             */

  int substr_len = 0;         /* substring length (LEN-I >= substr_len >= 2) */

  int k = 0;                  /* counter                            */

  int c = 0;                  /* counter                            */

  int ret = 0;

  if (s_len < 2) s_len = 2;

+ if(password == NULL)

+   return (-1);

+

+ len = strlen(password); /* string length                      */

  if (s_len > len) return (bloom_check_pass(password, filter));

 #ifdef APG_DEBUG

@@ -203,16 +211,19 @@

 cracklib_check_pass(char *pw, char *dictpath)

 {

  char * msg;

- msg = FascistCheck(pw,dictpath);

- if (msg == NULL) return (0);

- else

+ if( pw != NULL)

   {

+   msg = FascistCheck(pw,dictpath);

+   if (msg == NULL) return (0);

+   else

+    {

 #ifdef APG_DEBUG

-   fprintf(stdout,"cracklib_check_pass: password --> %s rejected (%s)\n", pw, msg);

-   fflush(stdout);

+     fprintf(stdout,"cracklib_check_pass: password --> %s rejected (%s)\n", pw, msg);

+     fflush(stdout);

 #endif

-   return (1);

+    }

   }

+  return (1);

 }

 #endif

@@ -245,6 +256,9 @@

  fflush (stdout);

 #endif /* APG_DEBUG */

+if(word == NULL)

+ return(0);

+

  if ((cond & S_SS) > 0)

     for (i=0; i < 94; i++)

        if ((smbl[i].type & S_SS) > 0)