gpg-interface: handle missing " with " gracefully in parse_ssh_output()

If the output of ssh-keygen starts with "Good \"git\" signature for ",
but is not followed by " with " for some reason, then parse_ssh_output()
uses -1 as the len parameter of xmemdupz(), which in turn will end the
program.  Reject the signature and carry on instead in that case.

Signed-off-by: René Scharfe <[email protected]>
Acked-by: Fabian Stelzer <[email protected]>
Signed-off-by: Junio C Hamano <[email protected]>

Author: rscharfe

gpg-interface.c

@@ -387,17 +387,19 @@ static void parse_ssh_output(struct signature_check *sigc)
 	line = to_free = xmemdupz(sigc->output, strcspn(sigc->output, "\n"));
 
 	if (skip_prefix(line, "Good \"git\" signature for ", &line)) {
-		/* Valid signature and known principal */
-		sigc->result = 'G';
-		sigc->trust_level = TRUST_FULLY;
-
 		/* Search for the last "with" to get the full principal */
 		principal = line;
 		do {
 			search = strstr(line, " with ");
 			if (search)
 				line = search + 1;
 		} while (search != NULL);
+		if (line == principal)
+			goto cleanup;
+
+		/* Valid signature and known principal */
+		sigc->result = 'G';
+		sigc->trust_level = TRUST_FULLY;
 		sigc->signer = xmemdupz(principal, line - principal - 1);
 	} else if (skip_prefix(line, "Good \"git\" signature with ", &line)) {
 		/* Valid signature, but key unknown */