Eric Blake wrote:
> 2011-05-20 Eric Blake <ebl...@redhat.com>
>
> + strerror_r: enforce POSIX recommendations
> + * lib/strerror_r.c (safe_copy): New helper method.
> + (strerror_r): Guarantee a non-empty string.
> + * tests/test-strerror_r.c (main): Enhance tests to incorporate
> + recent POSIX rulings and to match our strerror guarantees.
> + * doc/posix-functions/strerror_r.texi (strerror_r): Document this.
This looks good, except one part:
> @@ -436,9 +448,16 @@ strerror_r (int errnum, char *buf, size_t buflen)
> {
> extern int __xpg_strerror_r (int errnum, char *buf, size_t buflen);
>
> + *buf = '\0';
> ret = __xpg_strerror_r (errnum, buf, buflen);
> if (ret < 0)
> ret = errno;
> + if (!*buf)
> + {
> + /* GNU strerror_r always returns a thread-safe untruncated
> + string; copy that into our buf. */
> + safe_copy (buf, buflen, strerror_r (errnum, buf, buflen));
> + }
> }
Here I would prefer to use __xpg_strerror_r a second time, with a
stack-allocated buffer of size 256. This is simpler than to use two
different functions from the system. Also "GNU strerror_r always returns
a thread-safe untruncated string" is an assumption, and if we can write
code that makes less assumptions, it's better.
Bruno
--
In memoriam Alfred Grünberg <http://en.wikipedia.org/wiki/Alfred_Grünberg>
