Date: Thu, 1 Sep 2011 22:37:32 +0200
From: Jilles Tjoelker <jilles@stack.nl>
To: Sergey Kandaurov <pluknet@freebsd.org>
Cc: svn-src-projects@freebsd.org, gk@freebsd.org, src-committers@freebsd.org, Matthew D Fleming <mdf@freebsd.org>
Subject: Re: svn commit: r225097 - in projects/ino64: include lib/libc/gen usr.sbin/cpucontrol usr.sbin/lpr/common_source usr.sbin/newsyslog
Message-ID: <20110901203732.GA98596@stack.nl>
In-Reply-To: <CAE-mSOJOEQu0ejqGd47iAG4z4_GUzhizu1d1-aJR=V8iyNohwQ@mail.gmail.com>
References: <201108222354.p7MNsC9B074753@svn.freebsd.org> <20110824211427.GB96070@stack.nl> <CAE-mSOJOEQu0ejqGd47iAG4z4_GUzhizu1d1-aJR=V8iyNohwQ@mail.gmail.com>
On Thu, Sep 01, 2011 at 07:32:06PM +0400, Sergey Kandaurov wrote: > On 25 August 2011 01:14, Jilles Tjoelker <jilles@stack.nl> wrote: > > On Mon, Aug 22, 2011 at 11:54:12PM +0000, Matthew D Fleming wrote: > >> Author: mdf > >> Date: Mon Aug 22 23:54:12 2011 > >> New Revision: 225097 > >> URL: http://svn.freebsd.org/changeset/base/225097 > >> Log: > >> Avoid using dirfd name there is dirfd() macro already. > >> Use dirfd() instead of dirp->dd_fd. > >> Replace dirfd() macro with exported libc symbol. > >> Use _dirfd() macro internally. > >> GSoC r222835, r222836, r222837. > >> Code by Gleb Kurtsou. > >> Added: projects/ino64/lib/libc/gen/dirfd.c > >> ============================================================================== > >> --- /dev/null 00:00:00 1970 (empty, because file is newly added) > >> +++ projects/ino64/lib/libc/gen/dirfd.c Mon Aug 22 23:54:12 2011 (r225097) > > [snip] > >> +int > >> +dirfd(DIR *dirp) > >> +{ > >> + if (dirp == NULL) > >> + return (-1); > >> + > >> + return (_dirfd(dirp)); > >> +} > > Why have this check here? I think the original behaviour (a segfault) is > > more useful here since the return value of this interface is often not > > checked. > Why not to convert it to EINVAL? > As per IEEE Std 1003.1-2008: > The dirfd() function may fail if: > [EINVAL] > The dirp argument does not refer to a valid directory stream. Given that this error is optional and that there is no other mention of this condition, I think the undefined behaviour for a function argument outside the permitted domain still applies. Also, glibc and OpenSolaris dirfd() likewise segfault if passed a null pointer. A Google code search suggested that the interface is often used without checking (for example, passing the result directly to fchdir() or a *at function) and in that case returning -1 for a NULL pointer makes the problem harder to diagnose (fortunately, AT_FDCWD is not -1 so a *at function will at least fail with EBADF, like fchdir()). -- Jilles Tjoelker
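Review bot: the dirp == NULL branch of the new dirfd() returns -1 without setting errno, so a caller that does check the result has nothing to report and a caller that does not check carries -1 into the next call. Either set errno to EINVAL before "return (-1);" so the failure matches the optional error quoted from IEEE Std 1003.1-2008, or drop the check and let _dirfd(dirp) fault at the call site. Whichever is chosen, a one-line comment above the function stating the NULL behaviour would help, since the visible lines do not document it.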
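The behaviour discussed in the reply above, as an added C example that is not part of the original message or of FreeBSD's libc: it probes what an unchecked -1 descriptor does in fchdir() and openat(). The helpers fchdir_errno(), openat_errno() and checked_dirfd() are hypothetical names, and the example goes one step beyond the message by showing that openat() ignores the descriptor for an absolute path, so a -1 passes silently there.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L	/* dirfd(), fchdir(), openat() */
#endif
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* errno left by fchdir(fd), or 0 if the call succeeded. */
int fchdir_errno(int fd)
{
	return (fchdir(fd) == -1 ? errno : 0);
}

/* errno left by openat(fd, path), or 0 if the call succeeded. */
int openat_errno(int fd, const char *path)
{
	int r = openat(fd, path, O_RDONLY);
	int e = (r == -1) ? errno : 0;

	if (r != -1)
		close(r);
	return (e);
}

/* Hypothetical caller-side wrapper: fail at the source of the bad value. */
int checked_dirfd(DIR *dirp)
{
	int fd = (dirp == NULL) ? -1 : dirfd(dirp);

	if (fd < 0) {
		fprintf(stderr, "dirfd: no valid directory stream\n");
		abort();
	}
	return (fd);
}

int main(void)
{
	DIR *d = opendir(".");

	printf("AT_FDCWD is -1:  %s\n", AT_FDCWD == -1 ? "yes" : "no");
	printf("fchdir(-1):      %s\n", fchdir_errno(-1) == EBADF ? "EBADF" : "other");
	printf("openat(-1, .):   %s\n", openat_errno(-1, ".") == EBADF ? "EBADF" : "other");
	printf("openat(-1, /):   %s\n", openat_errno(-1, "/") == 0 ? "succeeds" : "fails");
	printf("checked_dirfd:   %d\n", checked_dirfd(d));
	closedir(d);
	return (0);
}
```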