[Rpm-maint] [rpm-software-management/rpm] Ignore subkeys that cannot sign (PR #1938)

Panu Matilainen notifications at github.com
Thu Mar 24 14:23:42 UTC 2022


@pmatilai commented on this pull request.



> +	    if (decodePkt(p, (pend - p), &pkt) ||
+		pkt.tag != PGPTAG_SIGNATURE ||
+	        pgpPrtSig(0, pkt.body, pkt.blen, params) ||
+		params->sigtype != PGPSIGTYPE_SUBKEY_BINDING) {
+		pgpDigParamsFree(digps[count]);
+		break;
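
Review bot: In the if condition, four different outcomes (the packet fails to decode, the packet is not a signature, the signature fails to parse, the signature is not a subkey binding) all fall into the same free-and-break branch, so a malformed packet and a well-formed packet of another kind are handled identically and nothing records which check failed. Consider splitting the checks, or returning a status from a helper, so a hard parse error can be told apart from a packet that is merely not a binding signature. Also, pgpPrtSig() fills params while the cleanup frees digps[count]; if those refer to the same object, set digps[count] to NULL after pgpDigParamsFree() so the array holds no dangling pointer once the break is taken. The pgpPrtSig line is indented with a tab plus spaces where its neighbours use tabs only.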

Uff. Regardless of indentation and intention, this ends up obfuscating the logic, which makes it far from defensive in my books.

This sort of thing is better done as an aptly named helper function that wraps the allocation + sanity checking in one go.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1938#discussion_r834365149

Message ID: <rpm-software-management/rpm/pull/1938/review/920352222 at github.com>
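
The helper shape suggested in the review comment above, sketched as an added example; it is not rpm's code and not part of the PR. The names sig_params, decode_hdr and subkey_binding_new are hypothetical stand-ins, and the sketch assumes one-octet packet lengths and v4 signatures only, allocating only after every check has passed so the caller has no failure path that needs a free.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Stand-in types for this example; not rpm's pgpPkt or pgpDigParams. */
enum { TAG_SIGNATURE = 2, SIGTYPE_SUBKEY_BINDING = 0x18 };
struct sig_params { uint8_t version, sigtype; };

/* Decode a packet header with a one-octet body length (RFC 4880, 4.2). */
static int decode_hdr(const uint8_t *p, size_t len, uint8_t *tag,
                      const uint8_t **body, size_t *blen)
{
    if (len < 2 || !(p[0] & 0x80)) return -1;
    if (p[0] & 0x40) {                  /* new format: tag in bits 5-0 */
        if (p[1] >= 192) return -1;     /* longer length forms: out of scope */
        *tag = p[0] & 0x3f;
    } else {                            /* old format: tag in bits 5-2 */
        if (p[0] & 0x03) return -1;     /* only length type 0 handled */
        *tag = (p[0] >> 2) & 0x0f;
    }
    *body = p + 2; *blen = p[1];
    return (*blen > len - 2) ? -1 : 0;  /* body must fit in the buffer */
}

/* Hypothetical helper: returns allocated params only for a well-formed v4
 * subkey binding signature; on NULL the caller has nothing to free. */
static struct sig_params *subkey_binding_new(const uint8_t *p, size_t len,
                                             size_t *consumed)
{
    uint8_t tag; const uint8_t *body; size_t blen;
    struct sig_params *sp;
    if (decode_hdr(p, len, &tag, &body, &blen)) return NULL;
    if (tag != TAG_SIGNATURE) return NULL;
    if (blen < 4 || body[0] != 4) return NULL;  /* v4: ver, type, 2 algos */
    if (body[1] != SIGTYPE_SUBKEY_BINDING) return NULL;
    if ((sp = calloc(1, sizeof(*sp))) == NULL) return NULL;
    sp->version = body[0]; sp->sigtype = body[1];
    *consumed = 2 + blen;               /* header octets plus body */
    return sp;
}

int main(void)
{
    /* Constructed sample: new-format tag 2, length 4, v4, type 0x18. */
    const uint8_t pkt[] = { 0xC2, 0x04, 0x04, 0x18, 0x01, 0x08 };
    size_t used = 0;
    struct sig_params *sp = subkey_binding_new(pkt, sizeof(pkt), &used);
    printf("%s, consumed %zu\n", sp ? "accepted" : "rejected", used);
    free(sp);
    return 0;
}
```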