fix: defensive checks for cwd restore, malloc, and log writes#23
Open
rmorgans wants to merge 3 commits into mobydeck:main from
Conversation
- socket_with_chdir: always restore cwd, even on socket failure - expand_sockname: check malloc return before use - rotate_log/pty_activity: disable logging on write failure instead of silently losing data Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Once logging is disabled (log_fd = -1), no code path should increment log_written, call rotate_log, or lseek/write the fd. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
rmorgans added a commit to rmorgans/atch that referenced this pull request on Mar 15, 2026
…and log writes # Conflicts: # master.c
Verifies that a failed socket operation via socket_with_chdir does not leave the process in the wrong working directory. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Summary
Three small defensive fixes:
- socket_with_chdir: always restore cwd after socket operation, even on failure. Preserves errno so the caller sees the original error.
- expand_sockname: check malloc() return before use. Exits with error instead of passing NULL to snprintf() (undefined behavior).
- rotate_log/pty_activity: once logging is disabled (log_fd = -1), no code path touches the fd again. Early guard in rotate_log(), split guard blocks in pty_activity(), and correct return value from open_log().
What bugs these fix
- expand_sockname would call snprintf(NULL, ...) — undefined behavior.
- log_written, called rotate_log(), and lseek() on the invalid fd.
Test results
202/203 pass (1 pre-existing: test 93). ASan+UBSan clean.