From ebfa2969042d89303d15334193fcc32866c8a8df Mon Sep 17 00:00:00 2001
From: "Kevin J. McCarthy" <kevin@8t8.us>
Date: Sat, 18 Apr 2026 21:41:23 +0800
Subject: [PATCH] Fix NULL dereference in show_sig_summary().

Inside show_one_sig_status(), if the error code is GPG_ERR_NO_PUBKEY,
key is NULL.  However, show_sig_summary() doesn't check for a NULL key
before dereferencing for the "key expired" case.

Thanks to evilrabbit@tutamail.com for the security report.

Thanks to Alejandro Colomar for his review and suggestion to keep the
ternary operator.

Reviewed-by: Alejandro Colomar <alx@kernel.org>
---
 crypt-gpgme.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypt-gpgme.c b/crypt-gpgme.c
index 5313d6f2..b30632b8 100644
--- a/crypt-gpgme.c
+++ b/crypt-gpgme.c
@@ -1425,7 +1425,7 @@ static int show_sig_summary (unsigned long sum,
 
   if ((sum & GPGME_SIGSUM_KEY_EXPIRED))
     {
-      time_t at = key->subkeys->expires ? key->subkeys->expires : 0;
+      time_t at = (key && key->subkeys) ? key->subkeys->expires : 0;
       if (at)
         {
           state_puts (_("Warning: The key used to create the "
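Review bot: The added line `time_t at = (key && key->subkeys) ? key->subkeys->expires : 0;` carries no comment saying why key may be NULL here; that reason lives only in the commit message. A one-line comment above it, noting that key is NULL when show_one_sig_status() sees GPG_ERR_NO_PUBKEY, would keep a later cleanup from dropping the guard. The `key->subkeys` test goes beyond the NULL-key case the message describes, so the message should say whether a key with no subkeys is actually reachable or whether the check is purely defensive. Only the GPGME_SIGSUM_KEY_EXPIRED branch is visible in this hunk, so the remaining branches of show_sig_summary() should be checked for other unguarded uses of key before this is considered complete.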
