[Pkg-gnupg-commit] [gpgme] 28/53: cpp: Return null key if the signature had no key

[Daniel Kahn Gillmor]

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch experimental
in repository gpgme.

commit 34e9dfee81958160f6604849b63369ae4de67417
Author: Andre Heinecke <aheinecke at intevation.de>
Date:   Mon Oct 10 17:36:41 2016 +0200

    cpp: Return null key if the signature had no key
    
    * lang/cpp/src/verificationresult.cpp (Private): Add null key
    to list when there is no key associated with the signature.
    
    --
    This fixes an out of bounds read when a verification did
    not have a key.
---
 lang/cpp/src/verificationresult.cpp | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lang/cpp/src/verificationresult.cpp b/lang/cpp/src/verificationresult.cpp
index be33ca2..a7b073e 100644
--- a/lang/cpp/src/verificationresult.cpp
+++ b/lang/cpp/src/verificationresult.cpp
@@ -72,6 +72,8 @@ public:
             // copy keys
             if (scopy->key) {
                 keys.push_back(Key(scopy->key, true));
+            } else {
+                keys.push_back(Key());
             }
             // copy notations:
             nota.push_back(std::vector<Nota>());

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gpgme.git