From 9e9761caa885dfe5f588b9322cce9eaf03168510 Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Wed, 9 Nov 2011 09:19:48 +0200
Subject: [PATCH] Don't make assumptions about how pgpDig allocates things

- Only call pgpDigGetParams() on the public key once we've at least
  tried to fetch it via rpmKeyringLookup(). This way we dont assume
  things about how pgpDig internal allocation is done - currently
  it does return what's essentially a static pointer into pgpDig,
  but this is not a reasonable assumption for an opaque type.
  No functional changes.
---
 lib/signature.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/signature.c b/lib/signature.c
index eec5ff7..c5a06de 100644
--- a/lib/signature.c
+++ b/lib/signature.c
@@ -476,12 +476,12 @@ verifySignature(rpmKeyring keyring, pgpDig dig, DIGEST_CTX hashctx, int isHdr,
     char *sigid = NULL;
     *msg = NULL;
     pgpDigParams sig = pgpDigGetParams(dig, PGPTAG_SIGNATURE);
-    pgpDigParams pub = pgpDigGetParams(dig, PGPTAG_PUBLIC_KEY);
 
     /* Call verify even if we dont have a key for a basic sanity check */
     if (sig) {
 	(void) rpmKeyringLookup(keyring, dig);
-	res = pgpVerifySignature(pub, sig, hashctx);
+	res = pgpVerifySignature(pgpDigGetParams(dig, PGPTAG_PUBLIC_KEY),
+				 sig, hashctx);
 
 	sigid = pgpIdentItem(sig);
 	rasprintf(msg, "%s%s: %s\n", isHdr ? _("Header ") : "", sigid, 
-- 
2.7.4