---
 src/daemon.c   |   35 ++++++++++++++++++++++++++++-------
 src/password.c |    3 ++-
 src/pesign.c   |   10 ++++++++--
 3 files changed, 38 insertions(+), 10 deletions(-)

--- a/src/daemon.c
+++ b/src/daemon.c
@@ -436,7 +436,11 @@ malformed:
 		if (rc < 0) {
 err_attached:
 			pe_end(outpe);
-			ftruncate(outfd, 0);
+			if (ftruncate(outfd, 0) != 0) {
+				ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
+					"pesignd: could not truncate output "
+					"file: %m");
+			}
 			goto finish;
 		}
 		ssize_t sigspace = calculate_signature_space(ctx->cms, outpe);
@@ -453,21 +457,33 @@ err_attached:
 		finalize_signatures(ctx->cms, outpe);
 		pe_end(outpe);
 	} else {
-		ftruncate(outfd, 0);
+		if (ftruncate(outfd, 0) != 0) {
+			ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
+				"pesignd: could not truncate output file: %m");
+		}
 		rc = generate_digest(ctx->cms, inpe);
 		if (rc < 0) {
 err_detached:
-			ftruncate(outfd, 0);
+			if (ftruncate(outfd, 0) != 0) {
+				ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
+					"pesignd: could not truncate output "
+					"file: %m");
+			}
 			goto finish;
 		}
 		rc = generate_signature(ctx->cms);
 		if (rc < 0)
 			goto err_detached;
 		rc = export_signature(ctx->cms, outfd, 0);
-		if (rc >= 0)
-			ftruncate(outfd, rc);
-		else if (rc < 0)
+		if (rc >= 0) {
+			if (ftruncate(outfd, rc) != 0) {
+				ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
+					"pesignd: could not truncate output "
+					"file: %m");
+			}
+		} else if (rc < 0) {
 			goto err_detached;
+		}
 	}
 
 finish:
@@ -979,7 +995,12 @@ daemonize(cms_context *cms_ctx, int do_f
 		exit(1);
 	}
 
-	chdir(homedir ? homedir : "/");
+	if (chdir(homedir ? homedir : "/") != 0) {
+		ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
+			"pesignd: could not change working directory "
+			"for pesign: %m");
+		exit(1);
+	}
 
 	if (getuid() == 0) {
 		/* process is running as root, drop privileges */
--- a/src/password.c
+++ b/src/password.c
@@ -76,7 +76,8 @@ static char *SEC_GetPassword(FILE *input
 	    echoOff(infd);
 	}
 
-	fgets ( phrase, sizeof(phrase), input);
+	if (fgets(phrase, sizeof(phrase), input) == NULL)
+		phrase[0] = '\0';
 
 	if (isTTY) {
 	    fprintf(output, "\n");
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -161,9 +161,15 @@ open_output(pesign_context *ctx)
 
 	addr = pe_rawfile(ctx->inpe, &size);
 
-	ftruncate(ctx->outfd, size);
+	if (ftruncate(ctx->outfd, size) != 0) {
+		fprintf(stderr, "pesign: could not truncate output file: %m\n");
+		exit(1);
+	}
 	lseek(ctx->outfd, 0, SEEK_SET);
-	write(ctx->outfd, addr, size);
+	if (write(ctx->outfd, addr, size) != size) {
+		fprintf(stderr, "pesign: could not write output file: %m\n");
+		exit(1);
+	}
 
 	Pe_Cmd cmd = ctx->outfd == STDOUT_FILENO ? PE_C_RDWR : PE_C_RDWR_MMAP;
 	ctx->outpe = pe_begin(ctx->outfd, cmd, NULL);