Sanitize signature checking formatResult() a bit

- whole lotta unnecessary wankery here (what have I been thinking)
- avoid using the non-standard strndup(), we checked for it in configure
  but didn't provide an alternative so checking was just bogus

diff --git a/configure.ac b/configure.ac
index 85a3621..71de8ec 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -504,7 +504,6 @@ AC_FUNC_VPRINTF
 AC_FUNC_MMAP
 
 AC_CHECK_FUNCS(mtrace)
-AC_CHECK_FUNCS(strndup)
 AC_CHECK_FUNCS(putenv)
 AC_CHECK_FUNCS(ftok)
 

diff --git a/lib/rpmchecksig.c b/lib/rpmchecksig.c
index 1b5fca4..23ce871 100644 (file)
--- a/lib/rpmchecksig.c
+++ b/lib/rpmchecksig.c
@@ -593,12 +593,9 @@ static void formatResult(rpmSigTag sigtag, rpmRC sigres, const char *result,
        if (havekey && (sigres == RPMRC_NOKEY || sigres == RPMRC_NOTTRUSTED)) {
            const char *tempKey = strstr(result, "ey ID");
            if (tempKey) {
-               char *keyid = strndup(tempKey + 6, 8);
-               char *idprob = NULL;
-               rasprintf(&idprob, " %s#%s", signame, keyid);
-               rstrcat(keyprob, idprob);
-               free(keyid);
-               free(idprob);
+               char keyid[sizeof(pgpKeyID_t) + 1];
+               rstrlcpy(keyid, tempKey + 6, sizeof(keyid));
+               rstrscat(keyprob, " ", signame, "#", keyid, NULL);
            }
        }
        rasprintf(&msg, (*keyprob ? "(%s) " : "%s "), signame);