#! /bin/sh /usr/share/dpatch/dpatch-run
## 09_ubuntu_fortify_source.dpatch by Colin Watson <cjwatson@ubuntu.com>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Suppress a number of warnings (turned into errors by -Werror)
## DP: triggered by Ubuntu's default of -D_FORTIFY_SOURCE=2.

@DPATCH@
Index: aptitude/src/cmdline/cmdline_changelog.cc
===================================================================
--- aptitude.orig/src/cmdline/cmdline_changelog.cc
+++ aptitude/src/cmdline/cmdline_changelog.cc
@@ -424,7 +424,8 @@
 	_error->Error(_("Couldn't find a changelog for %s"), input.c_str());
       else
 	// Run the user's pager.
-	system((string(pager) + " " + filename.get_name()).c_str());
+	if(system((string(pager) + " " + filename.get_name()).c_str()) != 0)
+	  _error->Error(_("Couldn't run pager %s"), pager);
     }
 
   _error->DumpErrors();
Index: aptitude/src/generic/apt/download_install_manager.cc
===================================================================
--- aptitude.orig/src/generic/apt/download_install_manager.cc
+++ aptitude/src/generic/apt/download_install_manager.cc
@@ -165,7 +165,7 @@
     case pkgPackageManager::Failed:
       _error->DumpErrors();
       cerr << _("A package failed to install.  Trying to recover:") << endl;
-      system("DPKG_NO_TSTP=1 dpkg --configure -a");
+      if(system("DPKG_NO_TSTP=1 dpkg --configure -a") != 0) { /* ignore */ }
       break;
     case pkgPackageManager::Completed:
       break;
Index: aptitude/src/pkg_item.cc
===================================================================
--- aptitude.orig/src/pkg_item.cc
+++ aptitude/src/pkg_item.cc
@@ -412,7 +412,7 @@
 
       printf(_("Reporting a bug in %s:\n"), package.Name());
 
-      system(cmd.c_str());
+      if(system(cmd.c_str()) != 0) { /* ignore */ }
 
       cw::toplevel::resume();
     }
@@ -446,7 +446,7 @@
 	      snprintf(buf, 512, sucmd,
 		       package.Name());
 
-	      system(buf);
+	      if(system(buf) != 0) { /* ignore? */ }
 
 	      cerr<<_("Press return to continue.\n");
 	      getchar();
Index: aptitude/src/pkg_ver_item.cc
===================================================================
--- aptitude.orig/src/pkg_ver_item.cc
+++ aptitude/src/pkg_ver_item.cc
@@ -772,7 +772,7 @@
 
 
 
-      system(cmd.c_str());
+      if(system(cmd.c_str()) != 0) { /* ignore */ }
 
       sigaction(SIGCONT, &oldact, NULL);
 
Index: aptitude/src/ui.cc
===================================================================
--- aptitude.orig/src/ui.cc
+++ aptitude/src/ui.cc
@@ -477,7 +477,12 @@
       // Read one byte from the FIFO for synchronization
       char tmp;
       int fd = open(fifoname.get_name().c_str(), O_RDONLY);
-      read(fd, &tmp, 1); // Will block until the other process writes.
+      if(read(fd, &tmp, 1) < 0) // Will block until the other process writes.
+	{
+	  std::string errmsg = ssprintf("aptitude: failed to synchronize with parent process");
+	  perror(errmsg.c_str());
+	  exit(1);
+	}
       close(fd);
 
       // It's ok to use argv0 to generate the command,
@@ -552,7 +557,13 @@
       // Ok, wake the other process up.
       char tmp=0;
       int fd=open(fifoname.get_name().c_str(), O_WRONLY);
-      write(fd, &tmp, 1);
+      if(write(fd, &tmp, 1) < 0)
+	{
+	  // If we can't synchronize with it, we'd better kill it.
+	  std::string errmsg = ssprintf("aptitude: failed to synchronize with child process");
+	  perror(errmsg.c_str());
+	  kill(pid, SIGTERM);
+	}
       close(fd);
 
       // Wait for a while so we don't accidentally daemonize ourselves.
