Fix handling of read/write errors
safe_read and safe_write return size_t and define SAFE_READ_ERROR and SAFE_WRITE_ERROR as error return values. We had previously been assigning their result to a signed value. As a result, whether passthrough, pipeline_pump, and get_block would detect read/write errors was implementation-defined. * lib/pipeline.c (passthrough, get_block): Assign safe_read return value to a size_t rather than a signed integer type, and check for SAFE_READ_ERROR rather than negative values. (pipeline_pump): Assign safe_write return value to a size_t rather than an ssize_t, and check for SAFE_WRITE_ERROR rather than negative values. * NEWS: Document this.
Showing with 16 additions and 6 deletions