From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20020724

Description of problem:
If pam_wheel is used without the use_uid argument, and if it is used in an
environment where getlogin() fails (and thus returns null), the process gets an
segmentation fault.

Version-Release number of selected component (if applicable): 0.75-40


How reproducible:
Always

Steps to Reproduce:
1.Enter a line like this in /etc/pam.d/su.  (Note, no use_uid!)
auth       required     /lib/security/pam_wheel.so
2.Run "xterm -ut"
3.In this xterm, do "su" from one ordinary user to another.
	

Actual Results:  Segmentation violation

Expected Results:  I guess pam_wheel should deny access in this case, but it
should do so in an orderly way.

Additional info:

The reason is that the return value from getlogin() is used directly in a call
to _pam_getpwnam_r() without checking it first.  Afterwards the returned value
is checked, but that is too late.  The attached patch suggests a trivial solution.