Fix segv in pgp_getkeybystr(). (closes #3725)

When searching for keys, and the user supplies "" to match against,
pgp_getkeybystr will have values:
  p = "";
  l = 0;
After returning from pgp_select_key(), it will try to assign to
p[l-1].

(As a note, the function is chopping off and restoring the trailing
"!" character because of ticket #1928.)

diff --git a/pgpkey.c b/pgpkey.c
index dad51b0eafdfceff720cf93b643c1587aa387208..b11ada00d3bedf47d3a2501b596adb667a23bac6 100644 (file)
--- a/pgpkey.c
+++ b/pgpkey.c
@@ -985,13 +985,13 @@ pgp_key_t pgp_getkeybystr (char *p, short abilities, pgp_ring_t keyring)
       pgp_remove_key (&matches, k);
 
     pgp_free_key (&matches);
-    if (!p[l-1])
+    if (l && !p[l-1])
       p[l-1] = '!';
     return k;
   }
 
 out:
-  if (!p[l-1])
+  if (l && !p[l-1])
     p[l-1] = '!';
   return NULL;
 }