Henning Schild <henning.schild@xxxxxxxxxxx> writes: > gnupg does print the keyid followed by a space and the signer comes > next. The same pattern is also used in gpgsm, but there the key length > would be 40 instead of 16. Instead of hardcoding the expected length, > find the first space and calculate it. > Input that does not match the expected format will be ignored now, > before we jumped to found+17 which might have been behind the end of an > unexpected string. > > Signed-off-by: Henning Schild <henning.schild@xxxxxxxxxxx> > --- > gpg-interface.c | 7 ++++--- > 1 file changed, 4 insertions(+), 3 deletions(-) Very nice. > diff --git a/gpg-interface.c b/gpg-interface.c > index 699651fd9..93bd0fb32 100644 > --- a/gpg-interface.c > +++ b/gpg-interface.c > @@ -89,10 +89,11 @@ static void parse_gpg_output(struct signature_check *sigc) > sigc->result = sigcheck_gpg_status[i].result; > /* The trust messages are not followed by key/signer information */ > if (sigc->result != 'U') { > - sigc->key = xmemdupz(found, 16); > + next = strchrnul(found, ' '); > + sigc->key = xmemdupz(found, next - found); > /* The ERRSIG message is not followed by signer information */ > - if (sigc-> result != 'E') { > - found += 17; > + if (*next && sigc-> result != 'E') { > + found = next + 1; > next = strchrnul(found, '\n'); > sigc->signer = xmemdupz(found, next - found); > }