On Thu, Oct 26, 2023 at 09:20:13AM +0200, Omar Polo wrote:
> I did a first pass on privsep.c, might have missed something but this is
> what I've found.  The fd leaks are obvious I think, the double close
> maybe less.
> 
> What I've understood is that once we pass a file descriptor to
> imsg_compose (or equivalent) and the call succeeds, then we only need to
> care that we end up calling flush_imsg() or imsg_clear() via the normal
> cleanup path.  flush_imsg() (our internal function) handles the
> imsg_flush() failure and calls imsg_clear() by itself, which will close
> the pending file descriptors.
> 
> A follow up will be to remove the various wbuf->fd = -1 which are not
> needed (fd is initialized to -1 in ibuf_dinamyc that is caled by
> imsg_create.) 

All this looks good to me, ok!

> Should we also start to use ibuf_fd_set() instead of
> reaching into the struct?

Sure, why not.