2004-06-23 Marcus Brinkmann <marcus@g10code.de>

* key.c (_gpgme_key_append_name): Make sure tail points to the
        byte following the uid.
        (_gpgme_key_add_sig): Likewise.  Don't use calloc, but malloc and
        memset.

gpgme/ChangeLog

@@ -1,3 +1,10 @@
+2004-06-23  Marcus Brinkmann  <marcus@g10code.de>
+
+	* key.c (_gpgme_key_append_name): Make sure tail points to the
+	byte following the uid.
+	(_gpgme_key_add_sig): Likewise.  Don't use calloc, but malloc and
+	memset.
+
 2004-06-02  Marcus Brinkmann  <marcus@g10code.de>
 
 	* libgpgme.vers: Remove C-style comment, which is not supported by

gpgme/key.c

@@ -220,7 +220,7 @@ _gpgme_key_append_name (gpgme_key_t key, char *src)
   dst = uid->uid;
   _gpgme_decode_c_string (src, &dst, src_len + 1);
 
-  dst += src_len + 1;
+  dst += strlen (dst) + 1;
   if (key->protocol == GPGME_PROTOCOL_CMS)
     parse_x509_user_id (uid->uid, &uid->name, &uid->email,
 			&uid->comment, dst);
@@ -253,9 +253,11 @@ _gpgme_key_add_sig (gpgme_key_t key, char *src)
   /* We can malloc a buffer of the same length, because the converted
      string will never be larger. Actually we allocate it twice the
      size, so that we are able to store the parsed stuff there too.  */
-  sig = calloc (1, sizeof (*sig) + 2 * src_len + 3);
+  sig = malloc (sizeof (*sig) + 2 * src_len + 3);
   if (!sig)
     return NULL;
+  memset (sig, 0, sizeof *sig);
+
   sig->keyid = sig->_keyid;
   sig->_keyid[16] = '\0';
   sig->uid = ((char *) sig) + sizeof (*sig);
@@ -264,7 +266,7 @@ _gpgme_key_add_sig (gpgme_key_t key, char *src)
     {
       char *dst = sig->uid;
       _gpgme_decode_c_string (src, &dst, src_len + 1);
-      dst += src_len + 1;
+      dst += strlen (dst) + 1;
       if (key->protocol == GPGME_PROTOCOL_CMS)
 	parse_x509_user_id (sig->uid, &sig->name, &sig->email,
 			    &sig->comment, dst);