Eric Blake wrote: > 2011-05-20 Eric Blake <ebl...@redhat.com> > > + strerror_r: enforce POSIX recommendations > + * lib/strerror_r.c (safe_copy): New helper method. > + (strerror_r): Guarantee a non-empty string. > + * tests/test-strerror_r.c (main): Enhance tests to incorporate > + recent POSIX rulings and to match our strerror guarantees. > + * doc/posix-functions/strerror_r.texi (strerror_r): Document this.
This looks good, except one part: > @@ -436,9 +448,16 @@ strerror_r (int errnum, char *buf, size_t buflen) > { > extern int __xpg_strerror_r (int errnum, char *buf, size_t buflen); > > + *buf = '\0'; > ret = __xpg_strerror_r (errnum, buf, buflen); > if (ret < 0) > ret = errno; > + if (!*buf) > + { > + /* GNU strerror_r always returns a thread-safe untruncated > + string; copy that into our buf. */ > + safe_copy (buf, buflen, strerror_r (errnum, buf, buflen)); > + } > } Here I would prefer to use __xpg_strerror_r a second time, with a stack-allocated buffer of size 256. This is simpler than to use two different functions from the system. Also "GNU strerror_r always returns a thread-safe untruncated string" is an assumption, and if we can write code that makes less assumptions, it's better. Bruno -- In memoriam Alfred Grünberg <http://en.wikipedia.org/wiki/Alfred_Grünberg>