Date: Wed, 27 Feb 2008 00:26:26 -0500 (EST)
From: Garrett Wollman
Message-Id: <200802270526.m1R5QQT3024163@hergotha.csail.mit.edu>
To: jhb@freebsd.org
Cc: arch@freebsd.org
Subject: Re: Cleaning up FILE in stdio..

In article <200802262355.16519.jhb@freebsd.org>, John Baldwin writes: >On Tuesday 26 February 2008 05:51:07 pm Garrett Wollman wrote: >+ /* >+ * File descriptors are a full int, but _file is only a short. >+ * If we get a valid file descriptor that is greater than >+ * SHRT_MAX, then the fd will get sign-extended into an >+ * invalid file descriptor. Handle this case by failing the >+ * open. >+ */ >+ if (fd > SHRT_MAX) { >+ errno = EINVAL; >+ return (NULL); >+ } >+ Please, please, please, whatever you do, don't add Yet Another Overloaded Meaning for [EINVAL]. Use [EMFILE] instead, which is defined to have the precise meaning desired here. For extra credit, fix the various places {STREAM_MAX} is defined to take this limit into account.
I think the following may be all that is required (beware xterm cut-and-paste screwage): Index: lib/libc/gen/sysconf.c =================================================================== RCS file: /home/ncvs/src/lib/libc/gen/sysconf.c,v retrieving revision 1.20 diff -u -r1.20 sysconf.c --- lib/libc/gen/sysconf.c 17 Nov 2002 08:54:29 -0000 1.20 +++ lib/libc/gen/sysconf.c 27 Feb 2008 05:23:24 -0000 @@ -105,7 +105,6 @@ mib[1] = KERN_NGROUPS; break; case _SC_OPEN_MAX: - case _SC_STREAM_MAX: /* assume fds run out before memory does */ if (getrlimit(RLIMIT_NOFILE, &rl) != 0) return (-1); if (rl.rlim_cur == RLIM_INFINITY) @@ -115,6 +114,25 @@ return (-1); } return ((long)rl.rlim_cur); + case _SC_STREAM_MAX: + if (getrlimit(RLIMIT_NOFILE, &rl) != 0) + return (-1); + if (rl.rlim_cur == RLIM_INFINITY) + return (-1); + if (rl.rlim_cur > LONG_MAX) { + errno = EOVERFLOW; + return (-1); + } + /* + * struct __sFILE currently has a limitation that + * file descriptors must fit in a signed short. + * This doesn't precisely capture the letter of POSIX + * but approximates the spirit. + */ + if (rl.rlim_cur > SHRT_MAX) + return (SHRT_MAX); + + return ((long)rl.rlim_cur); case _SC_JOB_CONTROL: return (_POSIX_JOB_CONTROL); case _SC_SAVED_IDS: -GAWollman
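Review bot: In the quoted hunk from John Baldwin's patch, the `if (fd > SHRT_MAX)` branch sets errno and returns NULL without releasing fd. The comment describes fd as a valid descriptor at that point, so if the enclosing function opened it, the branch should close it before returning. Otherwise each rejected open leaves a descriptor above SHRT_MAX allocated, and a process that keeps retrying moves steadily toward its RLIMIT_NOFILE ceiling.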
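Review bot: In the new `case _SC_STREAM_MAX:` block of the sysconf.c patch, the `rl.rlim_cur == RLIM_INFINITY` test returns -1 before the SHRT_MAX clamp is reached, so a process with an unlimited RLIMIT_NOFILE is told there is no stream limit even though the comment a few lines down says descriptors must fit in a signed short. Either return SHRT_MAX from the infinity branch or move `if (rl.rlim_cur > SHRT_MAX) return (SHRT_MAX);` ahead of the infinity and LONG_MAX checks. With the clamp first, the EOVERFLOW path can no longer be taken for this case and can be dropped, and callers that size tables from {STREAM_MAX} always see a bound consistent with what the stdio open path will accept.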