commit: 3827f90429c8f1e1327b2a532d266cbe061225e0 Author: Michał Górny <mgorny <AT> gentoo <DOT> org> AuthorDate: Fri Oct 31 18:43:09 2025 +0000 Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> CommitDate: Fri Oct 31 20:24:43 2025 +0000 URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=3827f904
gpkg: Process gpg-status output as binary data GPG `--status-fd` output is not guaranteed to be valid UTF-8, and we only match against plain ASCII strings, so avoid unnecessary decoding and process it as binary data instead. Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> Part-of: https://github.com/gentoo/portage/pull/1495 Closes: https://github.com/gentoo/portage/pull/1495 Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> lib/portage/gpkg.py | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/lib/portage/gpkg.py b/lib/portage/gpkg.py index 990f2077dc..9791b339e2 100644 --- a/lib/portage/gpkg.py +++ b/lib/portage/gpkg.py @@ -537,7 +537,7 @@ class checksum_helper: def __del__(self): self.finish() - def _check_gpg_status(self, gpg_status): + def _check_gpg_status(self, gpg_status: bytes) -> None: """ Check GPG status log for extra info. GPG will return OK even if the signature owner is not trusted. @@ -546,11 +546,11 @@ class checksum_helper: trust_signature = False for l in gpg_status.splitlines(): - if l.startswith("[GNUPG:] GOODSIG"): + if l.startswith(b"[GNUPG:] GOODSIG"): good_signature = True - if l.startswith("[GNUPG:] TRUST_ULTIMATE") or l.startswith( - "[GNUPG:] TRUST_FULLY" + if l.startswith(b"[GNUPG:] TRUST_ULTIMATE") or l.startswith( + b"[GNUPG:] TRUST_FULLY" ): trust_signature = True @@ -597,9 +597,7 @@ class checksum_helper: if return_code == os.EX_OK: if self.gpg_operation == checksum_helper.VERIFY: - self._check_gpg_status( - self.gpg_result.decode("UTF-8", errors="replace") - ) + self._check_gpg_status(self.gpg_result) else: writemsg( colorize(
