From 1047b53efc370ad77546337a221171777b6face1 Mon Sep 17 00:00:00 2001
From: Ori Bernstein <ori@eigenstate.org>
Date: Tue, 19 Jan 2021 19:56:38 -0800
Subject: [PATCH] ape/libap: fix _startbuf, check rfork return (thanks
 pixelherodev)

When _startbuf is invoked, it would crash on the second invocation
if creating a mux segment failed. This is because the first attempt
would assign the return value -1 to the global mux variable, and
the second attempt would notice that the global mux was not nil,
and would attempt to use it.

This change only assigns to the global variable if the allocation
of the segment was a success.

While we're here, we should also check the return of the rfork call.
---
 sys/src/ape/lib/ap/plan9/_buf.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/sys/src/ape/lib/ap/plan9/_buf.c b/sys/src/ape/lib/ap/plan9/_buf.c
index 185095c8c..5cfa8d19d 100644
--- a/sys/src/ape/lib/ap/plan9/_buf.c
+++ b/sys/src/ape/lib/ap/plan9/_buf.c
@@ -54,14 +54,19 @@ _startbuf(int fd)
 	Fdinfo *f;
 	Muxbuf *b;
 	void *v;
+	Muxseg *m;
 
 	if(mux == 0){
-		_RFORK(RFREND);
-		mux = (Muxseg*)_SEGATTACH(0, "shared", 0, sizeof(Muxseg));
-		if(mux == (void*)-1){
+		if(_RFORK(RFREND) == -1){
 			_syserrno();
 			return -1;
 		}
+		m = (Muxseg*)_SEGATTACH(0, "shared", 0, sizeof(Muxseg));
+		if(m == (void*)-1){
+			_syserrno();
+			return -1;
+		}
+		mux = m;
 		/* segattach has returned zeroed memory */
 		atexit(_killmuxsid);
 	}