login: check cause before using

This is a false-positive from clang-analyzer: if ordinary_login returns false then cause must not be null. Still, the flow is a bit confusing so just go ahead and add a null check before we use it. Signed-off-by: Bob Copeland <[email protected]>
lastpass · Jun 7, 2017 · 1ba2e60 · 1ba2e60
1 parent 873482b
commit 1ba2e60
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/endpoints-login.c b/endpoints-login.c
@@ -342,7 +342,8 @@ struct session *lastpass_login(const char *username, const char hash[KDF_HEX_LEN
 		append_post(args, "trustlabel", trusted_label);
 	}
 
-	if (!strcmp(cause, "outofbandrequired") && oob_login(login_server, key, args, error_message, &reply, &otp_name, &session)) {
+	if (cause && !strcmp(cause, "outofbandrequired") &&
+	    oob_login(login_server, key, args, error_message, &reply, &otp_name, &session)) {
 		if (trust)
 			http_post_lastpass("trust.php", session, NULL, "token", session->token, "uuid", trusted_id, "trustlabel", trusted_label, NULL);
 		return session;