--- ./helpers/basic_auth/NCSA/basic_ncsa_auth.cc	2013-03-02 02:46:03.000000000 +0100
+++ ./helpers/basic_auth/NCSA/basic_ncsa_auth.cc	2013-03-07 15:45:22.000000000 +0100
@@ -114,6 +114,7 @@
     time_t change_time = -1;
     char buf[HELPER_INPUT_BUFFER];
     char *user, *passwd, *p;
+    char *crypted;
     user_data *u;
     setbuf(stdout, NULL);
     if (argc != 2) {
@@ -147,10 +148,10 @@
         if (u == NULL) {
             SEND_ERR("No such user");
 #if HAVE_CRYPT
-        } else if (strlen(passwd) <= 8 && strcmp(u->passwd, (char *) crypt(passwd, u->passwd)) == 0) {
+        } else if (strlen(passwd) <= 8 && (crypted = crypt(passwd, u->passwd)) && (strcmp(u->passwd, crypted) == 0)) {
             // Bug 3107: crypt() DES functionality silently truncates long passwords.
             SEND_OK("");
-        } else if (strlen(passwd) > 8 && strcmp(u->passwd, (char *) crypt(passwd, u->passwd)) == 0) {
+        } else if (strlen(passwd) > 8 && (crypted = crypt(passwd, u->passwd)) && (strcmp(u->passwd, crypted) == 0)) {
             // Bug 3107: crypt() DES functionality silently truncates long passwords.
             SEND_ERR("Password too long. Only 8 characters accepted.");
 #endif