From 9e9761caa885dfe5f588b9322cce9eaf03168510 Mon Sep 17 00:00:00 2001 From: Panu Matilainen Date: Wed, 9 Nov 2011 09:19:48 +0200 Subject: Don't make assumptions about how pgpDig allocates things - Only call pgpDigGetParams() on the public key once we've at least tried to fetch it via rpmKeyringLookup(). This way we dont assume things about how pgpDig internal allocation is done - currently it does return what's essentially a static pointer into pgpDig, but this is not a reasonable assumption for an opaque type. No functional changes. --- lib/signature.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib/signature.c') diff --git a/lib/signature.c b/lib/signature.c index eec5ff7a3..c5a06de16 100644 --- a/lib/signature.c +++ b/lib/signature.c @@ -476,12 +476,12 @@ verifySignature(rpmKeyring keyring, pgpDig dig, DIGEST_CTX hashctx, int isHdr, char *sigid = NULL; *msg = NULL; pgpDigParams sig = pgpDigGetParams(dig, PGPTAG_SIGNATURE); - pgpDigParams pub = pgpDigGetParams(dig, PGPTAG_PUBLIC_KEY); /* Call verify even if we dont have a key for a basic sanity check */ if (sig) { (void) rpmKeyringLookup(keyring, dig); - res = pgpVerifySignature(pub, sig, hashctx); + res = pgpVerifySignature(pgpDigGetParams(dig, PGPTAG_PUBLIC_KEY), + sig, hashctx); sigid = pgpIdentItem(sig); rasprintf(msg, "%s%s: %s\n", isHdr ? _("Header ") : "", sigid, -- cgit v1.2.3