Sanitize signature checking formatResult() a bit

- whole lotta unnecessary wankery here (what have I been thinking)
- avoid using the non-standard strndup(), we checked for it in configure
  but didn't provide an alternative so checking was just bogus
- backported from commit 0edc291e50f9b6023a3e8e560d590e1dd2149a7f

2 files changed, 4 insertions, 7 deletions

diff --git a/configure.ac b/configure.ac
index 8c2ef5062..52158536f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -634,7 +634,7 @@ dnl AC_FUNC_MMAP
 
 AC_CHECK_FUNCS(getaddrinfo getnameinfo inet_aton)
 AC_CHECK_FUNCS(mtrace)
-AC_CHECK_FUNCS(strndup strerror)
+AC_CHECK_FUNCS(strerror)
 
 AC_REPLACE_FUNCS(basename getcwd getwd)
 AC_REPLACE_FUNCS(putenv realpath setenv)
diff --git a/lib/rpmchecksig.c b/lib/rpmchecksig.c
index 1b5fca446..23ce87117 100644
--- a/lib/rpmchecksig.c
+++ b/lib/rpmchecksig.c
@@ -593,12 +593,9 @@ static void formatResult(rpmSigTag sigtag, rpmRC sigres, const char *result,
 	if (havekey && (sigres == RPMRC_NOKEY || sigres == RPMRC_NOTTRUSTED)) {
 	    const char *tempKey = strstr(result, "ey ID");
 	    if (tempKey) {
-		char *keyid = strndup(tempKey + 6, 8);
-	    	char *idprob = NULL;
-		rasprintf(&idprob, " %s#%s", signame, keyid);
-		rstrcat(keyprob, idprob);
-		free(keyid);
-		free(idprob);
+		char keyid[sizeof(pgpKeyID_t) + 1];
+		rstrlcpy(keyid, tempKey + 6, sizeof(keyid));
+		rstrscat(keyprob, " ", signame, "#", keyid, NULL);
 	    }
 	}
 	rasprintf(&msg, (*keyprob ? "(%s) " : "%s "), signame);