> On 11 Apr 2017, at 21:37, Jeff King <peff@xxxxxxxx> wrote: > > On Tue, Apr 11, 2017 at 09:29:36PM +0200, Lars Schneider wrote: > >>> 1. Do we need to save errno before calling sigchain_pop()? It's making >>> syscalls (though admittedly they are unlikely to fail). >> >> What if we add the following right before sigchain_pop() ? >> >> if (errno == EPIPE) >> err = -1; > > Yes, that would be fine (though again, this runs against point 2 below). > >>> 2. If err is 0, then nothing failed. Who would have set errno? Aren't >>> we reading whatever cruft happened to be in errno before the >>> function started? >> >> Yeah, looks like you're right: >> https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=6619179 >> >> According to this article we shouldn't even check *only* for errno. >> At least we should add >> errno = 0; >> at the beginning of the function, no? > > If you initialize errno to 0 right before a syscall, then yes, you can > trust it without checking the return value of the syscall. I wouldn't > trust it before calling more complicated functions, though. Not even > xwrite(), which may see EINTR and keep going (which is OK for checking > for EPIPE, but not checking generally for errno values). Should we remove all the errno checks here as we don't have any direct "write" etc syscalls anyways then? - Lars