--- clevis-20.old/src/luks/udisks2/clevis-luks-udisks2.c	2024-03-08 09:35:37.000000000 +0100
+++ clevis-20/src/luks/udisks2/clevis-luks-udisks2.c	2024-05-21 10:04:15.301469592 +0200
@@ -264,8 +264,10 @@
 
 error:
     g_list_free_full(ctx.lst, g_free);
-    g_main_loop_unref(ctx.loop);
-    g_object_unref(ctx.clt);
+    if (ctx.loop) 
+        g_main_loop_unref(ctx.loop);
+    if (ctx.clt) 
+        g_object_unref(ctx.clt);
     close(sock);
     return exit_status;
 }
@@ -299,12 +301,12 @@
     safeclose(&pair[0]);
 }
 
-static ssize_t
-recover_key(const pkt_t *jwe, char *out, size_t max, uid_t uid, gid_t gid)
+static uint32_t
+recover_key(const pkt_t *jwe, char *out, int32_t max, uid_t uid, gid_t gid)
 {
     int push[2] = { -1, -1 };
     int pull[2] = { -1, -1 };
-    ssize_t bytes = 0;
+    int32_t bytes = 0;
     pid_t chld = 0;
 
     if (pipe(push) != 0)
@@ -379,12 +381,18 @@
     }
 
     bytes = 0;
-    for (ssize_t block = 1; block > 0; bytes += block) {
-        block = read(pull[PIPE_RD], &out[bytes], max - bytes);
-        if (block < 0) {
-            kill(chld, SIGTERM);
-            goto error;
-        }
+    ssize_t block = 0;
+    while (max > 0 && max > bytes) {
+       do {
+           block = read(pull[PIPE_RD], &out[bytes], max - bytes);
+       } while (block < 0 && errno == EINTR);
+       if (block < 0 || block < INT32_MIN || block > INT32_MAX) {
+           kill(chld, SIGTERM);
+           goto error;
+       }
+       if (block == 0)
+           break;
+       bytes += block;
     }
 
     safeclose(&pull[PIPE_RD]);