From 2e2f118e1095baf7f9d4365568913d5755da9b55 Mon Sep 17 00:00:00 2001
From: bol-van <none@none.none>
Date: Mon, 9 Feb 2026 19:44:06 +0300
Subject: [PATCH] nfqws2: EINTR safety

---
 nfq2/gzip.c     |   5 +-
 nfq2/helpers.c  | 335 +++++++++++++++++++++++++++---------------------
 nfq2/helpers.h  |   2 +
 nfq2/hostlist.c |   2 +-
 nfq2/nfqws.c    |   2 +-
 5 files changed, 195 insertions(+), 151 deletions(-)

diff --git a/nfq2/gzip.c b/nfq2/gzip.c
index 0cbf868..58a2f7b 100644
--- a/nfq2/gzip.c
+++ b/nfq2/gzip.c
@@ -2,6 +2,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include "helpers.h"
 
 #define ZCHUNK 16384
 #define BUFMIN 128
@@ -25,7 +26,7 @@ int z_readfile(FILE *F, char **buf, size_t *size, size_t extra_alloc)
 
 	do
 	{
-		zs.avail_in = fread(in, 1, sizeof(in), F);
+		zs.avail_in = fread_safe(in, 1, sizeof(in), F);
 		if (ferror(F))
 		{
 			r = Z_ERRNO;
@@ -78,7 +79,7 @@ zerr:
 bool is_gzip(FILE* F)
 {
 	unsigned char magic[2];
-	bool b = !fseek(F, 0, SEEK_SET) && fread(magic, 1, 2, F) == 2 && magic[0] == 0x1F && magic[1] == 0x8B;
+	bool b = !fseek(F, 0, SEEK_SET) && fread_safe(magic, 1, 2, F) == 2 && magic[0] == 0x1F && magic[1] == 0x8B;
 	fseek(F, 0, SEEK_SET);
 	return b;
 }
diff --git a/nfq2/helpers.c b/nfq2/helpers.c
index 3f89ac8..bc5fe60 100644
--- a/nfq2/helpers.c
+++ b/nfq2/helpers.c
@@ -33,7 +33,7 @@ static int cmp_size_t(const void * a, const void * b)
 }
 void qsort_size_t(size_t *array, int ct)
 {
-	qsort(array,ct,sizeof(*array),cmp_size_t);
+	qsort(array, ct, sizeof(*array), cmp_size_t);
 }
 static int cmp_ssize_t(const void * a, const void * b)
 {
@@ -41,14 +41,14 @@ static int cmp_ssize_t(const void * a, const void * b)
 }
 void qsort_ssize_t(ssize_t *array, int ct)
 {
-	qsort(array,ct,sizeof(*array),cmp_ssize_t);
+	qsort(array, ct, sizeof(*array), cmp_ssize_t);
 }
 
 
 int str_index(const char **strs, int count, const char *str)
 {
-	for(int i=0;i<count;i++)
-		if (!strcmp(strs[i],str)) return i;
+	for (int i = 0; i < count; i++)
+		if (!strcmp(strs[i], str)) return i;
 	return -1;
 }
 
@@ -60,7 +60,7 @@ void rtrim(char *s)
 
 void replace_char(char *s, char from, char to)
 {
-	for(;*s;s++) if (*s==from) *s=to;
+	for (; *s; s++) if (*s == from) *s = to;
 }
 
 const char *strncasestr(const char *s, const char *find, size_t slen)
@@ -88,18 +88,18 @@ const char *strncasestr(const char *s, const char *find, size_t slen)
 
 static inline bool is_letter(char c)
 {
-	return (c>='a' && c<='z') || (c>='A' && c<='Z');
+	return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z');
 }
 static inline bool is_digit(char c)
 {
-	return c>='0' && c<='9';
+	return c >= '0' && c <= '9';
 }
 bool is_identifier(const char *p)
 {
-	if (*p!='_' && !is_letter(*p))
+	if (*p != '_' && !is_letter(*p))
 		return false;
-	for(++p;*p;p++)
-		if (!is_letter(*p) && !is_digit(*p) && *p!='_')
+	for (++p; *p; p++)
+		if (!is_letter(*p) && !is_digit(*p) && *p != '_')
 			return false;
 	return true;
 }
@@ -120,7 +120,7 @@ bool load_file(const char *filename, off_t offset, void *buffer, size_t *buffer_
 		}
 	}
 
-	*buffer_size = fread(buffer, 1, *buffer_size, F);
+	*buffer_size = fread_safe(buffer, 1, *buffer_size, F);
 	if (ferror(F))
 	{
 		fclose(F);
@@ -143,7 +143,7 @@ bool save_file(const char *filename, const void *buffer, size_t buffer_size)
 		return false;
 	}
 	fclose(F);
-	if (wr!=buffer_size)
+	if (wr != buffer_size)
 	{
 		errno = EIO;
 		return false;
@@ -152,22 +152,22 @@ bool save_file(const char *filename, const void *buffer, size_t buffer_size)
 }
 bool append_to_list_file(const char *filename, const char *s)
 {
-	FILE *F = fopen(filename,"at");
+	FILE *F = fopen(filename, "at");
 	if (!F) return false;
-	bool bOK = fprintf(F,"%s\n",s)>0;
+	bool bOK = fprintf(F, "%s\n", s) > 0;
 	fclose(F);
 	return bOK;
 }
 
 void expand_bits(void *target, const void *source, unsigned int source_bitlen, unsigned int target_bytelen)
 {
-	unsigned int target_bitlen = target_bytelen<<3;
-	unsigned int bitlen = target_bitlen<source_bitlen ? target_bitlen : source_bitlen;
-	unsigned int bytelen = bitlen>>3;
+	unsigned int target_bitlen = target_bytelen << 3;
+	unsigned int bitlen = target_bitlen < source_bitlen ? target_bitlen : source_bitlen;
+	unsigned int bytelen = bitlen >> 3;
 
-	if ((target_bytelen-bytelen)>=1) memset((uint8_t*)target+bytelen,0,target_bytelen-bytelen);
-	memcpy(target,source,bytelen);
-	if ((bitlen &= 7)) ((uint8_t*)target)[bytelen] = ((uint8_t*)source)[bytelen] & (~((1 << (8-bitlen)) - 1));
+	if ((target_bytelen - bytelen) >= 1) memset((uint8_t*)target + bytelen, 0, target_bytelen - bytelen);
+	memcpy(target, source, bytelen);
+	if ((bitlen &= 7)) ((uint8_t*)target)[bytelen] = ((uint8_t*)source)[bytelen] & (~((1 << (8 - bitlen)) - 1));
 }
 
 // "       [fd00::1]" => "fd00::1"
@@ -179,53 +179,53 @@ void expand_bits(void *target, const void *source, unsigned int source_bitlen, u
 bool strip_host_to_ip(char *host)
 {
 	size_t l;
-	char *h,*p;
+	char *h, *p;
 	uint8_t addr[16];
 
-	for (h = host ; *h==' ' || *h=='\t' ; h++);
+	for (h = host; *h == ' ' || *h == '\t'; h++);
 	l = strlen(h);
-	if (l>=2)
+	if (l >= 2)
 	{
-		if (*h=='[')
+		if (*h == '[')
 		{
 			// ipv6 ?
-			for (p=++h ; *p && *p!=']' ;  p++);
-			if (*p==']')
+			for (p = ++h; *p && *p != ']'; p++);
+			if (*p == ']')
 			{
-				l = p-h;
-				memmove(host,h,l);
-				host[l]=0;
-				return inet_pton(AF_INET6, host, addr)>0;
+				l = p - h;
+				memmove(host, h, l);
+				host[l] = 0;
+				return inet_pton(AF_INET6, host, addr) > 0;
 			}
 		}
 		else
 		{
-			if (inet_pton(AF_INET6, h, addr)>0)
+			if (inet_pton(AF_INET6, h, addr) > 0)
 			{
 				// ipv6 ?
-				if (host!=h)
+				if (host != h)
 				{
 					l = strlen(h);
-					memmove(host,h,l);
-					host[l]=0;
+					memmove(host, h, l);
+					host[l] = 0;
 				}
 				return true;
 			}
 			else
 			{
 				// ipv4 ?
-				for (p=h ; *p && *p!=':' ;  p++);
-				l = p-h;
-				if (host!=h) memmove(host,h,l);
-				host[l]=0;
-				return inet_pton(AF_INET, host, addr)>0;
+				for (p = h; *p && *p != ':'; p++);
+				l = p - h;
+				if (host != h) memmove(host, h, l);
+				host[l] = 0;
+				return inet_pton(AF_INET, host, addr) > 0;
 			}
 		}
 	}
 	return false;
 }
 
-void ntopa46(const struct in_addr *ip, const struct in6_addr *ip6,char *str, size_t len)
+void ntopa46(const struct in_addr *ip, const struct in6_addr *ip6, char *str, size_t len)
 {
 	if (!len) return;
 	*str = 0;
@@ -235,8 +235,8 @@ void ntopa46(const struct in_addr *ip, const struct in6_addr *ip6,char *str, siz
 }
 void ntop46(const struct sockaddr *sa, char *str, size_t len)
 {
-	ntopa46(sa->sa_family==AF_INET ? &((struct sockaddr_in*)sa)->sin_addr : NULL,
-		sa->sa_family==AF_INET6 ? &((struct sockaddr_in6*)sa)->sin6_addr : NULL,
+	ntopa46(sa->sa_family == AF_INET ? &((struct sockaddr_in*)sa)->sin_addr : NULL,
+		sa->sa_family == AF_INET6 ? &((struct sockaddr_in6*)sa)->sin6_addr : NULL,
 		str, len);
 }
 void ntop46_port(const struct sockaddr *sa, char *str, size_t len)
@@ -265,32 +265,32 @@ void print_sockaddr(const struct sockaddr *sa)
 
 uint16_t saport(const struct sockaddr *sa)
 {
-	return ntohs(sa->sa_family==AF_INET ? ((struct sockaddr_in*)sa)->sin_port :
-		     sa->sa_family==AF_INET6 ? ((struct sockaddr_in6*)sa)->sin6_port : 0);
+	return ntohs(sa->sa_family == AF_INET ? ((struct sockaddr_in*)sa)->sin_port :
+		sa->sa_family == AF_INET6 ? ((struct sockaddr_in6*)sa)->sin6_port : 0);
 }
 
 bool sa_has_addr(const struct sockaddr *sa)
 {
-	switch(sa->sa_family)
+	switch (sa->sa_family)
 	{
-		case AF_INET:
-			return ((struct sockaddr_in*)sa)->sin_addr.s_addr!=INADDR_ANY;
-		case AF_INET6:
-			return memcmp(((struct sockaddr_in6*)sa)->sin6_addr.s6_addr, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 16);
-		default:
-			return false;
+	case AF_INET:
+		return ((struct sockaddr_in*)sa)->sin_addr.s_addr != INADDR_ANY;
+	case AF_INET6:
+		return memcmp(((struct sockaddr_in6*)sa)->sin6_addr.s6_addr, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 16);
+	default:
+		return false;
 	}
 }
 
 
 bool seq_within(uint32_t s, uint32_t s1, uint32_t s2)
 {
-	return (s2>=s1 && s>=s1 && s<=s2) || (s2<s1 && (s<=s2 || s>=s1));
+	return (s2 >= s1 && s >= s1 && s <= s2) || (s2 < s1 && (s <= s2 || s >= s1));
 }
 
 bool ipv6_addr_is_zero(const struct in6_addr *a)
 {
-    return !memcmp(a,"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",16);
+	return !memcmp(a, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 16);
 }
 
 
@@ -309,8 +309,8 @@ uint32_t pntoh24(const uint8_t *p)
 }
 void phton24(uint8_t *p, uint32_t v)
 {
-	p[0] = (uint8_t)(v>>16);
-	p[1] = (uint8_t)(v>>8);
+	p[0] = (uint8_t)(v >> 16);
+	p[1] = (uint8_t)(v >> 8);
 	p[2] = (uint8_t)v;
 }
 uint32_t pntoh32(const uint8_t *p)
@@ -319,9 +319,9 @@ uint32_t pntoh32(const uint8_t *p)
 }
 void phton32(uint8_t *p, uint32_t v)
 {
-	p[0] = (uint8_t)(v>>24);
-	p[1] = (uint8_t)(v>>16);
-	p[2] = (uint8_t)(v>>8);
+	p[0] = (uint8_t)(v >> 24);
+	p[1] = (uint8_t)(v >> 16);
+	p[2] = (uint8_t)(v >> 8);
 	p[3] = (uint8_t)v;
 }
 uint64_t pntoh48(const uint8_t *p)
@@ -330,11 +330,11 @@ uint64_t pntoh48(const uint8_t *p)
 }
 void phton48(uint8_t *p, uint64_t v)
 {
-	p[0] = (uint8_t)(v>>40);
-	p[1] = (uint8_t)(v>>32);
-	p[2] = (uint8_t)(v>>24);
-	p[3] = (uint8_t)(v>>16);
-	p[4] = (uint8_t)(v>>8);
+	p[0] = (uint8_t)(v >> 40);
+	p[1] = (uint8_t)(v >> 32);
+	p[2] = (uint8_t)(v >> 24);
+	p[3] = (uint8_t)(v >> 16);
+	p[4] = (uint8_t)(v >> 8);
 	p[5] = (uint8_t)v;
 }
 uint64_t pntoh64(const uint8_t *p)
@@ -343,24 +343,24 @@ uint64_t pntoh64(const uint8_t *p)
 }
 void phton64(uint8_t *p, uint64_t v)
 {
-	p[0] = (uint8_t)(v>>56);
-	p[1] = (uint8_t)(v>>48);
-	p[2] = (uint8_t)(v>>40);
-	p[3] = (uint8_t)(v>>32);
-	p[4] = (uint8_t)(v>>24);
-	p[5] = (uint8_t)(v>>16);
-	p[6] = (uint8_t)(v>>8);
+	p[0] = (uint8_t)(v >> 56);
+	p[1] = (uint8_t)(v >> 48);
+	p[2] = (uint8_t)(v >> 40);
+	p[3] = (uint8_t)(v >> 32);
+	p[4] = (uint8_t)(v >> 24);
+	p[5] = (uint8_t)(v >> 16);
+	p[6] = (uint8_t)(v >> 8);
 	p[7] = (uint8_t)v;
 }
 
 uint16_t bswap16(uint16_t u)
 {
 	// __builtin_bswap16 is absent in ancient lexra gcc 4.6
-	return (u>>8) | ((u&0xFF)<<8);
+	return (u >> 8) | ((u & 0xFF) << 8);
 }
 uint32_t bswap24(uint32_t u)
 {
-	return (u>>16) & 0xFF | u & 0xFF00 | (u<<16) & 0xFF0000;
+	return (u >> 16) & 0xFF | u & 0xFF00 | (u << 16) & 0xFF0000;
 }
 uint64_t bswap48(uint64_t u)
 {
@@ -371,39 +371,39 @@ uint64_t bswap48(uint64_t u)
 #define INVALID_HEX_DIGIT ((uint8_t)-1)
 static inline uint8_t parse_hex_digit(char c)
 {
-	return (c>='0' && c<='9') ? c-'0' : (c>='a' && c<='f') ? c-'a'+0xA : (c>='A' && c<='F') ? c-'A'+0xA : INVALID_HEX_DIGIT;
+	return (c >= '0' && c <= '9') ? c - '0' : (c >= 'a' && c <= 'f') ? c - 'a' + 0xA : (c >= 'A' && c <= 'F') ? c - 'A' + 0xA : INVALID_HEX_DIGIT;
 }
 static inline bool parse_hex_byte(const char *s, uint8_t *pbyte)
 {
-	uint8_t u,l;
+	uint8_t u, l;
 	u = parse_hex_digit(s[0]);
 	l = parse_hex_digit(s[1]);
-	if (u==INVALID_HEX_DIGIT || l==INVALID_HEX_DIGIT)
+	if (u == INVALID_HEX_DIGIT || l == INVALID_HEX_DIGIT)
 	{
-		*pbyte=0;
+		*pbyte = 0;
 		return false;
 	}
 	else
 	{
-		*pbyte=(u<<4) | l;
+		*pbyte = (u << 4) | l;
 		return true;
 	}
 }
 bool parse_hex_str(const char *s, uint8_t *pbuf, size_t *size)
 {
-	uint8_t *pe = pbuf+*size;
-	*size=0;
-	while(pbuf<pe && *s)
+	uint8_t *pe = pbuf + *size;
+	*size = 0;
+	while (pbuf < pe && *s)
 	{
-		if (!parse_hex_byte(s,pbuf))
+		if (!parse_hex_byte(s, pbuf))
 			return false;
-		pbuf++; s+=2; (*size)++;
+		pbuf++; s += 2; (*size)++;
 	}
 	return true;
 }
 char hex_digit(uint8_t v)
 {
-	return v<=9 ? '0'+v : (v<=0xF) ? v+'A'-0xA : '?';
+	return v <= 9 ? '0' + v : (v <= 0xF) ? v + 'A' - 0xA : '?';
 }
 
 int fprint_localtime(FILE *F)
@@ -412,39 +412,39 @@ int fprint_localtime(FILE *F)
 	time_t now;
 
 	time(&now);
-	localtime_r(&now,&t);
+	localtime_r(&now, &t);
 	return fprintf(F, "%02d.%02d.%04d %02d:%02d:%02d", t.tm_mday, t.tm_mon + 1, t.tm_year + 1900, t.tm_hour, t.tm_min, t.tm_sec);
 }
 
 bool file_size(const char *filename, off_t *size)
 {
 	struct stat st;
-	if (stat(filename,&st)==-1) return false;
+	if (stat(filename, &st) == -1) return false;
 	*size = st.st_size;
 	return true;
 }
 time_t file_mod_time(const char *filename)
 {
 	struct stat st;
-	return stat(filename,&st)==-1 ? 0 : st.st_mtime;
+	return stat(filename, &st) == -1 ? 0 : st.st_mtime;
 }
 bool file_mod_signature(const char *filename, file_mod_sig *ms)
 {
 	struct stat st;
-	if (stat(filename,&st)==-1)
+	if (stat(filename, &st) == -1)
 	{
 		FILE_MOD_RESET(ms);
 		return false;
 	}
-	ms->mod_time=st.st_mtime;
-	ms->size=st.st_size;
+	ms->mod_time = st.st_mtime;
+	ms->size = st.st_size;
 	return true;
 }
 
 bool file_open_test(const char *filename, int flags)
 {
-	int fd = open(filename,flags);
-	if (fd>=0)
+	int fd = open(filename, flags);
+	if (fd >= 0)
 	{
 		close(fd);
 		return true;
@@ -453,54 +453,54 @@ bool file_open_test(const char *filename, int flags)
 }
 
 
-void fill_random_bytes(uint8_t *p,size_t sz)
+void fill_random_bytes(uint8_t *p, size_t sz)
 {
 	size_t k;
 	if (sz)
 	{
 		// alignment
-		if ((size_t)p & 1) { *p=(uint8_t)random(); sz--; p++; }
+		if ((size_t)p & 1) { *p = (uint8_t)random(); sz--; p++; }
 		// random has only 31 bits of entropy. not 32 bits
-		for (k=0 ; (k+1)<sz ; k+=2) *(uint16_t*)(p+k) = (uint16_t)random();
-		if (sz & 1) p[sz-1]=(uint8_t)random();
+		for (k = 0; (k + 1) < sz; k += 2) *(uint16_t*)(p + k) = (uint16_t)random();
+		if (sz & 1) p[sz - 1] = (uint8_t)random();
 	}
 }
-void fill_random_az(uint8_t *p,size_t sz)
+void fill_random_az(uint8_t *p, size_t sz)
 {
 	size_t k;
-	for(k=0;k<sz;k++) p[k] = 'a'+(random() % ('z'-'a'+1));
+	for (k = 0; k < sz; k++) p[k] = 'a' + (random() % ('z' - 'a' + 1));
 }
-void fill_random_az09(uint8_t *p,size_t sz)
+void fill_random_az09(uint8_t *p, size_t sz)
 {
 	size_t k;
 	uint8_t rnd;
-	for(k=0;k<sz;k++)
+	for (k = 0; k < sz; k++)
 	{
-		rnd = random() % (10 + 'z'-'a'+1);
-		p[k] = rnd<10 ? rnd+'0' : 'a'+rnd-10;
+		rnd = random() % (10 + 'z' - 'a' + 1);
+		p[k] = rnd < 10 ? rnd + '0' : 'a' + rnd - 10;
 	}
 }
 #if defined(__FreeBSD__) && __FreeBSD_version <= 1200000
 #include <sys/sysctl.h>
 int getentropy(void *buf, size_t len)
 {
-    int mib[2];
-    size_t size = len;
+	int mib[2];
+	size_t size = len;
 
-    // Check for reasonable length (getentropy limits to 256)
-    if (len > 256) {
-        errno = EIO;
-        return -1;
-    }
+	// Check for reasonable length (getentropy limits to 256)
+	if (len > 256) {
+		errno = EIO;
+		return -1;
+	}
 
-    mib[0] = CTL_KERN;
-    mib[1] = KERN_ARND;
+	mib[0] = CTL_KERN;
+	mib[1] = KERN_ARND;
 
-    if (sysctl(mib, 2, buf, &size, NULL, 0) == -1) {
-        return -1;
-    }
+	if (sysctl(mib, 2, buf, &size, NULL, 0) == -1) {
+		return -1;
+	}
 
-    return (size == len) ? 0 : -1;
+	return (size == len) ? 0 : -1;
 }
 #endif
 
@@ -508,48 +508,89 @@ int getentropy(void *buf, size_t len)
 ssize_t read_intr(int fd, void *buf, size_t count)
 {
 	ssize_t rd;
-	while ((rd=read(fd,buf,count))<0 && errno==EINTR);
+	while ((rd = read(fd, buf, count)) < 0 && errno == EINTR);
 	return rd;
 }
 
-bool fill_crypto_random_bytes(uint8_t *p,size_t sz)
+size_t fread_safe(void *ptr, size_t size, size_t nmemb, FILE *F)
+{
+	size_t total_read = 0;
+	while (total_read < nmemb)
+	{
+		size_t result = fread((uint8_t*)ptr + (total_read * size), size, nmemb - total_read, F);
+		if (result < (nmemb - total_read))
+		{
+			if (errno == EINTR)
+			{
+				clearerr(F);
+				total_read += result;
+				continue;
+			}
+			total_read += result;
+			break;
+		}
+		total_read += result;
+	}
+	return total_read;
+}
+char* fgets_safe(char *s, int size, FILE *stream)
+{
+	char *result;
+
+	while (true)
+	{
+		if ((result = fgets(s, size, stream))) return result;
+		if (ferror(stream))
+		{
+			if (errno == EINTR)
+			{
+				clearerr(stream);
+				continue;
+			}
+			return NULL;
+		}
+		if (feof(stream)) return NULL;
+	}
+}
+
+bool fill_crypto_random_bytes(uint8_t *p, size_t sz)
 {
 	ssize_t rd;
 	int fd;
 
 #if defined(__linux__) || defined(__CYGWIN__)
-	for(; sz && (rd=getrandom(p,sz,GRND_NONBLOCK))>0 ; p+=rd, sz-=rd);
+	for (; sz && (rd = getrandom(p, sz, GRND_NONBLOCK)) > 0; p += rd, sz -= rd);
 	if (sz)
 #elif defined(BSD)
-	while(sz)
+	while (sz)
 	{
-		rd = sz<256 ? sz : 256; // BSD limitation
-		if (getentropy(p,rd)) break;
-		p+=rd; sz-=rd;
+		rd = sz < 256 ? sz : 256; // BSD limitation
+		if (getentropy(p, rd)) break;
+		p += rd; sz -= rd;
 	}
 	if (sz)
 #endif
 	{
-		if ((fd = open("/dev/random",O_NONBLOCK))>=0)
+		if ((fd = open("/dev/random", O_NONBLOCK)) >= 0)
 		{
 			do
 			{
-				if ((rd=read_intr(fd,p,sz))>0)
+				if ((rd = read_intr(fd, p, sz)) > 0)
 				{
-					p+=rd; sz-=rd;
+					p += rd; sz -= rd;
 				}
-			} while(sz && rd>0);
+			} while (sz && rd > 0);
 			close(fd);
 		}
-		if (sz && (fd = open("/dev/urandom",0))>=0)
+		if (sz && (fd = open("/dev/urandom", 0)) >= 0)
 		{
 			do
 			{
-				if ((rd=read_intr(fd,p,sz))>0)
+				if ((rd = read_intr(fd, p, sz)) > 0)
 				{
-					p+=rd; sz-=rd;
+					p += rd; sz -= rd;
 				}
-			} while(sz && rd>0);
+			} while (sz && rd > 0);
 			close(fd);
 		}
 	}
@@ -557,33 +598,33 @@ bool fill_crypto_random_bytes(uint8_t *p,size_t sz)
 }
 
 #if defined(__GNUC__) && !defined(__llvm__)
-__attribute__((optimize ("no-strict-aliasing")))
+__attribute__((optimize("no-strict-aliasing")))
 #endif
 void bxor(const uint8_t *x1, const uint8_t *x2, uint8_t *result, size_t sz)
 {
-	for (; sz>=8 ; x1+=8, x2+=8, result+=8, sz-=8)
+	for (; sz >= 8; x1 += 8, x2 += 8, result += 8, sz -= 8)
 		*(uint64_t*)result = *(uint64_t*)x1 ^ *(uint64_t*)x2;
-	for (; sz ; x1++, x2++, result++, sz--)
+	for (; sz; x1++, x2++, result++, sz--)
 		*result = *x1 ^ *x2;
 }
 #if defined(__GNUC__) && !defined(__llvm__)
-__attribute__((optimize ("no-strict-aliasing")))
+__attribute__((optimize("no-strict-aliasing")))
 #endif
 void bor(const uint8_t *x1, const uint8_t *x2, uint8_t *result, size_t sz)
 {
-	for (; sz>=8 ; x1+=8, x2+=8, result+=8, sz-=8)
+	for (; sz >= 8; x1 += 8, x2 += 8, result += 8, sz -= 8)
 		*(uint64_t*)result = *(uint64_t*)x1 | *(uint64_t*)x2;
-	for (; sz ; x1++, x2++, result++, sz--)
+	for (; sz; x1++, x2++, result++, sz--)
 		*result = *x1 | *x2;
 }
 #if defined(__GNUC__) && !defined(__llvm__)
-__attribute__((optimize ("no-strict-aliasing")))
+__attribute__((optimize("no-strict-aliasing")))
 #endif
 void band(const uint8_t *x1, const uint8_t *x2, uint8_t *result, size_t sz)
 {
-	for (; sz>=8 ; x1+=8, x2+=8, result+=8, sz-=8)
+	for (; sz >= 8; x1 += 8, x2 += 8, result += 8, sz -= 8)
 		*(uint64_t*)result = *(uint64_t*)x1 & *(uint64_t*)x2;
-	for (; sz ; x1++, x2++, result++, sz--)
+	for (; sz; x1++, x2++, result++, sz--)
 		*result = *x1 & *x2;
 }
 
@@ -608,12 +649,12 @@ void close_std_and_exit(int code)
 
 bool set_env_exedir(const char *argv0)
 {
-	char *s,*d;
-	bool bOK=false;
+	char *s, *d;
+	bool bOK = false;
 	if ((s = strdup(argv0)))
 	{
 		if ((d = dirname(s)))
-			bOK = !setenv("EXEDIR",d,1);
+			bOK = !setenv("EXEDIR", d, 1);
 		free(s);
 	}
 	return bOK;
@@ -632,28 +673,28 @@ bool parse_int16(const char *p, int16_t *v)
 
 uint32_t mask_from_bitcount(uint32_t zct)
 {
-	return zct<32 ? ~((1u << zct) - 1) : 0;
+	return zct < 32 ? ~((1u << zct) - 1) : 0;
 }
 static void mask_from_bitcount6_make(uint32_t zct, struct in6_addr *a)
 {
 	if (zct >= 128)
-		memset(a->s6_addr,0x00,16);
+		memset(a->s6_addr, 0x00, 16);
 	else
 	{
 		int32_t n = (127 - zct) >> 3;
-		memset(a->s6_addr,0xFF,n);
-		memset(a->s6_addr+n,0x00,16-n);
+		memset(a->s6_addr, 0xFF, n);
+		memset(a->s6_addr + n, 0x00, 16 - n);
 		a->s6_addr[n] = ~((1u << (zct & 7)) - 1);
 	}
 }
 static struct in6_addr ip6_mask[129];
 void mask_from_bitcount6_prepare(void)
 {
-	for (int zct=0;zct<=128;zct++) mask_from_bitcount6_make(zct, ip6_mask+zct);
+	for (int zct = 0; zct <= 128; zct++) mask_from_bitcount6_make(zct, ip6_mask + zct);
 }
 const struct in6_addr *mask_from_bitcount6(uint32_t zct)
 {
-	return ip6_mask+zct;
+	return ip6_mask + zct;
 }
 
 time_t boottime(void)
diff --git a/nfq2/helpers.h b/nfq2/helpers.h
index f7f08b6..b7fd7b6 100644
--- a/nfq2/helpers.h
+++ b/nfq2/helpers.h
@@ -34,6 +34,8 @@ const char *strncasestr(const char *s,const char *find, size_t slen);
 bool is_identifier(const char *p);
 
 ssize_t read_intr(int fd, void *buf, size_t count);
+size_t fread_safe(void *ptr, size_t size, size_t nmemb, FILE *F);
+char* fgets_safe(char *s, int size, FILE *stream);
 
 bool load_file(const char *filename, off_t offset, void *buffer, size_t *buffer_size);
 bool save_file(const char *filename, const void *buffer, size_t buffer_size);
diff --git a/nfq2/hostlist.c b/nfq2/hostlist.c
index 24829f3..8e9d8e9 100644
--- a/nfq2/hostlist.c
+++ b/nfq2/hostlist.c
@@ -87,7 +87,7 @@ bool AppendHostList(hostlist_pool **hostlist, const char *filename)
 	{
 		DLOG_CONDUP("loading plain text list\n");
 
-		while (fgets(s, sizeof(s), F))
+		while (fgets_safe(s, sizeof(s), F))
 		{
 			p = s;
 			if (!addpool(hostlist,&p,p+strlen(p),&ct))
diff --git a/nfq2/nfqws.c b/nfq2/nfqws.c
index edb44de..9678a7d 100644
--- a/nfq2/nfqws.c
+++ b/nfq2/nfqws.c
@@ -625,7 +625,7 @@ static int dvt_main(void)
 			if (FD_ISSET(fd[i], &fdset))
 			{
 				socklen = sizeof(sa_from);
-				rd = recvfrom(fd[i], buf, sizeof(buf), 0, (struct sockaddr*)&sa_from, &socklen);
+				while ((rd = recvfrom(fd[i], buf, sizeof(buf), 0, (struct sockaddr*)&sa_from, &socklen))<0 && errno==EINTR);
 				if (rd < 0)
 				{
 					DLOG_PERROR("recvfrom");