From b4fb7a4b5d6776856210b4b70e2f21730aa99a93 Mon Sep 17 00:00:00 2001
From: Rafal Wojtczuk <rafal@invisiblethingslab.com>
Date: Wed, 4 May 2011 12:56:52 +0200
Subject: [PATCH] qrexec: added two I/O error checks, even though it is
 redundant in these cases

---
 qrexec/qrexec_daemon.c | 5 +++++
 qrexec/write_stdin.c   | 5 ++++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/qrexec/qrexec_daemon.c b/qrexec/qrexec_daemon.c
index 7d522067..a5d2bdc6 100644
--- a/qrexec/qrexec_daemon.c
+++ b/qrexec/qrexec_daemon.c
@@ -98,6 +98,11 @@ void init(int xid)
 	umask(0007); 		// make the log readable by the "qubes" group
 	logfd = open(qrexec_error_log_name, O_WRONLY | O_CREAT | O_TRUNC, 0640);
 
+	if (logfd < 0) {
+	        perror("open");
+	        exit(1);
+        }
+
 	dup2(logfd, 1);
 	dup2(logfd, 2);
 
diff --git a/qrexec/write_stdin.c b/qrexec/write_stdin.c
index e77ccf55..7ace53b6 100644
--- a/qrexec/write_stdin.c
+++ b/qrexec/write_stdin.c
@@ -49,7 +49,10 @@ int flush_client_data(int fd, int client_id, struct buffer *buffer)
 			} else
 				return WRITE_STDIN_BUFFERED;
 		}
-		buffer_remove(buffer, len);
+		// we previously called buffer_remove(buffer, len)
+		// it will be wrong if we change MAX_DATA_CHUNK to something large
+		// as pipes writes are atomic only to PIPE_MAX limit 
+		buffer_remove(buffer, ret);
 		len = buffer_len(buffer);
 		if (!len) {
 			struct server_header s_hdr;