diff --git a/src/cgroup.c b/src/cgroup.c
index b71a7da2..67933837 100644
--- a/src/cgroup.c
+++ b/src/cgroup.c
@@ -185,6 +185,9 @@ static gboolean oom_cb_cgroup_v2(int fd, GIOCondition condition, G_GNUC_UNUSED g
 	ssize_t num_read = read(fd, &events, events_size);
 	if (num_read < 0) {
 		nwarn("Failed to read oom event from eventfd in v2");
+		/* On non-recoverable errors, remove the source */
+		if (errno != EAGAIN && errno != EWOULDBLOCK && errno != EINTR)
+			return G_SOURCE_REMOVE;
 		return G_SOURCE_CONTINUE;
 	}
 
@@ -234,6 +237,9 @@ static gboolean oom_cb_cgroup_v1(int fd, GIOCondition condition, gpointer user_d
 	ssize_t num_read = read(fd, &event_count, sizeof(uint64_t));
 	if (num_read < 0) {
 		nwarn("Failed to read oom event from eventfd");
+		/* On non-recoverable errors, remove the source */
+		if (errno != EAGAIN && errno != EWOULDBLOCK && errno != EINTR)
+			return G_SOURCE_REMOVE;
 		return G_SOURCE_CONTINUE;
 	}
 
@@ -276,6 +282,11 @@ gboolean check_cgroup2_oom()
 	if (!is_cgroup_v2)
 		return G_SOURCE_REMOVE;
 
+	if (!cgroup2_path) {
+		nwarn("cgroup2_path not initialized");
+		return G_SOURCE_REMOVE;
+	}
+
 	_cleanup_free_ char *memory_events_file_path = g_build_filename(cgroup2_path, "memory.events", NULL);
 
 	_cleanup_fclose_ FILE *fp = fopen(memory_events_file_path, "re");
diff --git a/src/cli.c b/src/cli.c
index 462f0bf7..0ad100ab 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -196,7 +196,6 @@ void process_cli()
 	}
 
 	// we should always override the container pid file if it's empty
-	// TODO FIXME I removed default_pid_file here. shouldn't opt_container_pid_file be cleaned up?
 	if (opt_container_pid_file == NULL)
 		opt_container_pid_file = g_strdup_printf("%s/pidfile-%s", cwd, opt_cid);
 
diff --git a/src/conmon.c b/src/conmon.c
index 36bd1842..6fe82d23 100644
--- a/src/conmon.c
+++ b/src/conmon.c
@@ -253,8 +253,6 @@ int main(int argc, char *argv[])
 			if (workerfd_stdout != dev_null_w && fchmod(STDOUT_FILENO, 0777) < 0 && errno != EINVAL)
 				nwarn("Failed to chmod stdout");
 
-			if (workerfd_stderr < 0)
-				workerfd_stderr = workerfd_stdout;
 			if (dup2(workerfd_stderr, STDERR_FILENO) < 0)
 				_pexit("Failed to dup over stderr");
 			if (workerfd_stderr != dev_null_w && fchmod(STDERR_FILENO, 0777) < 0 && errno != EINVAL)
diff --git a/src/conn_sock.c b/src/conn_sock.c
index 48a4e27f..c072ea71 100644
--- a/src/conn_sock.c
+++ b/src/conn_sock.c
@@ -100,6 +100,7 @@ static void bind_relative_to_dir(int dir_fd, int sock_fd, const char *path)
 	addr.sun_family = AF_UNIX;
 	if (dir_fd == -1) {
 		strncpy(addr.sun_path, path, sizeof(addr.sun_path) - 1);
+		addr.sun_path[sizeof(addr.sun_path) - 1] = '\0';
 	} else {
 		snprintf(addr.sun_path, sizeof(addr.sun_path), "/proc/self/fd/%d/%s", dir_fd, path);
 	}
diff --git a/src/ctr_exit.c b/src/ctr_exit.c
index ec52b964..eaad82ee 100644
--- a/src/ctr_exit.c
+++ b/src/ctr_exit.c
@@ -16,8 +16,8 @@
 #include <stdlib.h>
 #include <unistd.h>
 
-volatile pid_t container_pid = -1;
-volatile pid_t create_pid = -1;
+volatile sig_atomic_t container_pid = -1;
+volatile sig_atomic_t create_pid = -1;
 
 void on_sig_exit(int signal)
 {
@@ -206,9 +206,7 @@ void do_exit_command()
 		for (; opt_exit_args[n_args]; n_args++)
 			;
 
-	gchar **args = malloc(sizeof(gchar *) * (n_args + 2));
-	if (args == NULL)
-		_exit(EXIT_FAILURE);
+	gchar **args = g_malloc(sizeof(gchar *) * (n_args + 2));
 
 	args[0] = opt_exit_command;
 	if (opt_exit_args)
@@ -249,5 +247,5 @@ void cleanup_socket_dir_symlink()
 
 void handle_signal(G_GNUC_UNUSED const int signum)
 {
-	exit(EXIT_FAILURE);
+	_exit(EXIT_FAILURE);
 }
diff --git a/src/ctr_exit.h b/src/ctr_exit.h
index b60c8bb8..7f256856 100644
--- a/src/ctr_exit.h
+++ b/src/ctr_exit.h
@@ -2,11 +2,12 @@
 #define CTR_EXIT_H
 
 #include <sys/types.h> /* pid_t */
+#include <signal.h>    /* sig_atomic_t */
 #include <glib.h>      /* gpointer, gboolean, GHashTable, and GPid */
 
 
-extern volatile pid_t container_pid;
-extern volatile pid_t create_pid;
+extern volatile sig_atomic_t container_pid;
+extern volatile sig_atomic_t create_pid;
 
 struct pid_check_data {
 	GHashTable *pid_to_handler;
diff --git a/src/ctrl.c b/src/ctrl.c
index a0479ba9..472c71f8 100644
--- a/src/ctrl.c
+++ b/src/ctrl.c
@@ -108,8 +108,8 @@ static gboolean process_winsz_ctrl_line(char *line)
 	int height, width, ret = -1;
 	ret = sscanf(line, "%d %d\n", &height, &width);
 	ndebugf("Height: %d, Width: %d", height, width);
-	if (ret != 2) {
-		nwarn("Failed to sscanf message");
+	if (ret != 2 || height < 0 || width < 0) {
+		nwarn("Failed to parse window size message");
 		return FALSE;
 	}
 	resize_winsz(height, width);
@@ -137,8 +137,8 @@ static gboolean process_terminal_ctrl_line(char *line)
 	 */
 	int ctl_msg_type, height, width, ret = -1;
 	ret = sscanf(line, "%d %d %d\n", &ctl_msg_type, &height, &width);
-	if (ret != 3) {
-		nwarn("Failed to sscanf message");
+	if (ret != 3 || height < 0 || width < 0) {
+		nwarn("Failed to parse control message");
 		return FALSE;
 	}
 
diff --git a/src/globals.h b/src/globals.h
index 053d7634..28292993 100644
--- a/src/globals.h
+++ b/src/globals.h
@@ -4,7 +4,6 @@
 #include <glib.h> /* gboolean and GMainLoop */
 
 /* Global state */
-// TODO FIXME not static
 extern int runtime_status;
 extern int container_status;