Re: [PATCH v3 4/7] gpg-interface: do not hardcode the key string len anymore
Henning Schild writes:
> gnupg does print the keyid followed by a space and the signer comes
> next. The same pattern is also used in gpgsm, but there the key length
> would be 40 instead of 16. Instead of hardcoding the expected length,
> find the first space and calculate it.
> Input that does not match the expected format will be ignored now,
> before we jumped to found+17 which might have been behind the end of an
> unexpected string.
>
> Signed-off-by: Henning Schild
> ---
> gpg-interface.c | 7 ---
> 1 file changed, 4 insertions(+), 3 deletions(-)
Very nice.
> diff --git a/gpg-interface.c b/gpg-interface.c
> index 699651fd9..93bd0fb32 100644
> --- a/gpg-interface.c
> +++ b/gpg-interface.c
> @@ -89,10 +89,11 @@ static void parse_gpg_output(struct signature_check *sigc)
> sigc->result = sigcheck_gpg_status[i].result;
> /* The trust messages are not followed by key/signer
> information */
> if (sigc->result != 'U') {
> - sigc->key = xmemdupz(found, 16);
> + next = strchrnul(found, ' ');
> + sigc->key = xmemdupz(found, next - found);
> /* The ERRSIG message is not followed by signer
> information */
> - if (sigc-> result != 'E') {
> - found += 17;
> + if (*next && sigc-> result != 'E') {
> + found = next + 1;
> next = strchrnul(found, '\n');
> sigc->signer = xmemdupz(found, next - found);
> }
[PATCH v3 4/7] gpg-interface: do not hardcode the key string len anymore
gnupg does print the keyid followed by a space and the signer comes
next. The same pattern is also used in gpgsm, but there the key length
would be 40 instead of 16. Instead of hardcoding the expected length,
find the first space and calculate it.
Input that does not match the expected format will be ignored now,
before we jumped to found+17 which might have been behind the end of an
unexpected string.
Signed-off-by: Henning Schild
---
gpg-interface.c | 7 ---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/gpg-interface.c b/gpg-interface.c
index 699651fd9..93bd0fb32 100644
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -89,10 +89,11 @@ static void parse_gpg_output(struct signature_check *sigc)
sigc->result = sigcheck_gpg_status[i].result;
/* The trust messages are not followed by key/signer
information */
if (sigc->result != 'U') {
- sigc->key = xmemdupz(found, 16);
+ next = strchrnul(found, ' ');
+ sigc->key = xmemdupz(found, next - found);
/* The ERRSIG message is not followed by signer
information */
- if (sigc-> result != 'E') {
- found += 17;
+ if (*next && sigc-> result != 'E') {
+ found = next + 1;
next = strchrnul(found, '\n');
sigc->signer = xmemdupz(found, next - found);
}
--
2.16.4
