From: Jacob Bachmeyer <jcb@gnu.org>
Date: Tue, 15 Nov 2022 04:27:28 +0000 (-0600)
Subject: Improve error handling when running gpgv
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=236ac082c904f8d71525f142e06230000f8bb79e;p=gatekeeper.git

Improve error handling when running gpgv

This commit harmonizes the exit status used when the child process fails
to exec gpgv with that used by posix_spawn, and ensures that the child
process is reaped when the exec fails.
---

diff --git a/gatekeeper.pl b/gatekeeper.pl
index 7afb0e0..e0a0928 100755
--- a/gatekeeper.pl
+++ b/gatekeeper.pl
@@ -914,7 +914,7 @@ sub _spawn_gpgv {
     close $gpgv_status; close $gpgv_flag;
 
     our $AbortPipe = $gpgv_flag_sink;	# pipe to parent
-    our $AbortExitCode = 120;		# arbitrary 7-bit exit code
+    our $AbortExitCode = 127;		# as posix_spawn uses
     # no need to use local here; this process will either exec or abort
 
     # Adjust close-on-exec flags:
@@ -955,6 +955,7 @@ sub _spawn_gpgv {
     chomp $err;
     if ($err =~ m/^ERR: (.*)$/) {
       # This is bad - we couldn't even execute the gpgv command properly
+      waitpid $pid, 0;	# reap failed child
       ftp_abort
 	("gpg verify of directive file failed (error executing gpgv): $1");
     }