1 files changed, 39 insertions, 4 deletions

diff --git a/gpgme/rungpg.c b/gpgme/rungpg.c
index 76bcaaed..7524d68f 100644
--- a/gpgme/rungpg.c
+++ b/gpgme/rungpg.c
@@ -1878,12 +1878,47 @@ gpg_keylist_preprocess (char *line, char **r_line)
 	 HTTP Keyserver Protocol (draft). 
 
 	 We want:
-	 uid:o<flags>::::<creatdate>:<expdate>:::<uid>:
+	 uid:o<flags>::::<creatdate>:<expdate>:::<c-coded uid>:
       */
 
-      if (asprintf (r_line, "uid:o%s::::%s:%s:::%s:",
-		    field[4], field[2], field[3], field[1]) < 0)
-	return gpg_error_from_errno (errno);
+      {
+	/* The user ID is percent escaped, but we want c-coded.
+	   Because we have to replace each '%HL' by '\xHL', we need at
+	   most 4/3 th the number of bytes.  But because this 
+	   security software, we err on the good side and allocate
+	   twice as much.  */
+	char *uid = malloc (2 * strlen (field[1]) + 1);
+	char *src;
+	char *dst;
+
+	if (! uid)
+	  return gpg_error_from_errno (errno);
+	src = field[1];
+	dst = uid;
+	while (*src)
+	  {
+	    if (*src == '%')
+	      {
+		*(dst++) = '\\';
+		*(dst++) = 'x';
+		src++;
+		/* Copy the next two bytes unconditionally.  This is
+		   what reduces the maximum number of needed bytes
+		   from 2n+1 to (4/3)n+1, even for invalid strings.  */
+		if (*src)
+		  *(dst++) = *(src++);
+		if (*src)
+		  *(dst++) = *(src++);
+	      }
+	    else
+	      *(dst++) = *(src++);
+	  }
+	*dst = '\0';
+
+	if (asprintf (r_line, "uid:o%s::::%s:%s:::%s:",
+		      field[4], field[2], field[3], uid) < 0)
+	  return gpg_error_from_errno (errno);
+      }
       return 0;
 
     case RT_NONE: