If the string "key" we found in the output of ssh-keygen happens to be
located at the very end of the line, then going four characters further
leaves us beyond the end of the string. Explicitly search for the
space after "key" to handle a missing one gracefully.
Signed-off-by: René Scharfe <l.s.r@xxxxxx>
---
This code was added after v2.33.0.
gpg-interface.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gpg-interface.c b/gpg-interface.c
index 62d340e78a..3838536f0a 100644
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -409,9 +409,9 @@ static void parse_ssh_output(struct signature_check *sigc)
goto cleanup;
}
- key = strstr(line, "key");
+ key = strstr(line, "key ");
if (key) {
- sigc->fingerprint = xstrdup(strstr(line, "key") + 4);
+ sigc->fingerprint = xstrdup(strstr(line, "key ") + 4);
sigc->key = xstrdup(sigc->fingerprint);
} else {
/*
--
2.33.1
