[PATCH v7 1/6] builtin/verify-tag.c: ignore SIGPIPE in gpg-interface

Tue, 19 Apr 2016 10:48:12 -0700 

From: Santiago Torres <santi...@nyu.edu>

The verify_signed_buffer() function may trigger a SIGPIPE when the
GPG child process terminates early (due to a bad keyid, for example)
and Git tries to write to it afterwards.  Previously, ignoring
SIGPIPE was done in builtin/verify-tag.c to avoid this issue.

However, any other caller who wants to call verify_signed_buffer()
would have to do the same.

Use sigchain_push(SIGPIPE, SIG_IGN) in verify_signed_buffer(),
pretty much like in sign_buffer(), so that any caller is not
required to perform this task.

This will avoid possible mistakes by further developers using
verify_signed_buffer().

Signed-off-by: Santiago Torres <santi...@nyu.edu>
Reviewed-by: Eric Sunshine <sunsh...@sunshineco.com>
Signed-off-by: Junio C Hamano <gits...@pobox.com>
---
 builtin/verify-tag.c | 3 ---
 gpg-interface.c      | 2 ++
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/builtin/verify-tag.c b/builtin/verify-tag.c
index 00663f6..77f070a 100644
--- a/builtin/verify-tag.c
+++ b/builtin/verify-tag.c
@@ -95,9 +95,6 @@ int cmd_verify_tag(int argc, const char **argv, const char 
*prefix)
        if (verbose)
                flags |= GPG_VERIFY_VERBOSE;
 
-       /* sometimes the program was terminated because this signal
-        * was received in the process of writing the gpg input: */
-       signal(SIGPIPE, SIG_IGN);
        while (i < argc)
                if (verify_tag(argv[i++], flags))
                        had_error = 1;
diff --git a/gpg-interface.c b/gpg-interface.c
index 3dc2fe3..2259938 100644
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -237,6 +237,7 @@ int verify_signed_buffer(const char *payload, size_t 
payload_size,
                return error(_("could not run gpg."));
        }
 
+       sigchain_push(SIGPIPE, SIG_IGN);
        write_in_full(gpg.in, payload, payload_size);
        close(gpg.in);
 
@@ -250,6 +251,7 @@ int verify_signed_buffer(const char *payload, size_t 
payload_size,
        close(gpg.out);
 
        ret = finish_command(&gpg);
+       sigchain_pop(SIGPIPE);
 
        unlink_or_warn(path);
 
-- 
2.8.0

--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to