diff options
| author | Santiago Torres <santiago@nyu.edu> | 2016-04-05 12:07:24 -0400 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2016-04-06 09:02:02 -0700 |
| commit | d281b45d754477e79a8e0228c8f5ce4195079238 (patch) | |
| tree | 9b60290b5e62ccff80a7ca0bf51d4d40133996ba /gpg-interface.c | |
| parent | 90f7b16b3adc78d4bbabbd426fb69aa78c714f71 (diff) | |
| download | git-d281b45d754477e79a8e0228c8f5ce4195079238.tar.gz | |
builtin/verify-tag.c: ignore SIGPIPE in gpg-interface
The verify_signed_buffer() function may trigger a SIGPIPE when the
GPG child process terminates early (due to a bad keyid, for example)
and Git tries to write to it afterwards. Previously, ignoring
SIGPIPE was done in builtin/verify-tag.c to avoid this issue.
However, any other caller who wants to call verify_signed_buffer()
would have to do the same.
Use sigchain_push(SIGPIPE, SIG_IGN) in verify_signed_buffer(),
pretty much like in sign_buffer(), so that any caller is not
required to perform this task.
This will avoid possible mistakes by further developers using
verify_signed_buffer().
Signed-off-by: Santiago Torres <santiago@nyu.edu>
Reviewed-by: Eric Sunshine <sunshine@sunshineco.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'gpg-interface.c')
| -rw-r--r-- | gpg-interface.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/gpg-interface.c b/gpg-interface.c index 3dc2fe397e..2259938236 100644 --- a/gpg-interface.c +++ b/gpg-interface.c @@ -237,6 +237,7 @@ int verify_signed_buffer(const char *payload, size_t payload_size, return error(_("could not run gpg.")); } + sigchain_push(SIGPIPE, SIG_IGN); write_in_full(gpg.in, payload, payload_size); close(gpg.in); @@ -250,6 +251,7 @@ int verify_signed_buffer(const char *payload, size_t payload_size, close(gpg.out); ret = finish_command(&gpg); + sigchain_pop(SIGPIPE); unlink_or_warn(path); |