From 6b9d622d0e42f2dc7c9e7f43076e538b7abb47ae Mon Sep 17 00:00:00 2001
From: Kevin McCarthy
Date: Mon, 5 Jan 2015 18:28:59 -0800
Subject: [PATCH] Fix segv in pgp_getkeybystr(). (closes #3725)

When searching for keys, and the user supplies "" to match against, pgp_getkeybystr will have values: p = ""; l = 0; After returning from pgp_select_key(), it will try to assign to p[l-1]. (As a note, the function is chopping off and restoring the trailing "!" character because of ticket #1928.)
---
 pgpkey.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pgpkey.c b/pgpkey.c
index dad51b0ea..b11ada00d 100644
--- a/pgpkey.c
+++ b/pgpkey.c
@@ -985,13 +985,13 @@ pgp_key_t pgp_getkeybystr (char *p, short abilities, pgp_ring_t keyring)
 pgp_remove_key (&matches, k);
 pgp_free_key (&matches);
- if (!p[l-1])
+ if (l && !p[l-1])
 p[l-1] = '!';
 return k;
 }
 out:
- if (!p[l-1])
+ if (l && !p[l-1])
 p[l-1] = '!';
 return NULL;
 }
-- 
2.40.0
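Review bot: The restore check `if (l && !p[l-1])` now appears twice, on the `return k` path and after `out:`, and both copies still infer that a trailing '!' was stripped by re-reading the caller's buffer instead of using state recorded when it was stripped. With `l == 0` the old code read and then possibly wrote `p[l-1]`, which is one byte before the string (or far outside it if `l` is unsigned; its declaration is not in the hunk), so the defect was an out-of-bounds write and not only a crash. I would set a flag where the '!' is removed, which is above the hunk, and restore with `if (stripped) p[l-1] = '!';` on both exits so the bounds condition lives in one place. Failing that, a comment at the first guard such as `/* l == 0: empty pattern, nothing was stripped and p[l-1] is out of bounds */` would keep a later cleanup from dropping the `l &&`. Any other key-lookup routine that uses the same chop-and-restore idiom would need the same guard; none is visible in this patch.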