[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH] Ensure virStrerror always sets an error string



[adding bug-gnulib]

On 05/18/2011 11:07 AM, Daniel P. Berrange wrote:
> strerror_r() is free to not set any error string, if the passed
> errno is not valid. It may, however, still return a pointer to
> the original passed in buffer. This resulting in random garbage
> from the stack being present as the error string.

Indeed.  However, I'm inclined to NACK the libvirt patch, because:

Right now, gnulib guarantees that strerror() always gives a useful
result (non-empty string for all errno values, even though POSIX allows
an empty string), but the strerror_r-posix module is not making those
same guarantees.

Therefore, I argue that this is a bug in gnulib.  We should be changing
the strerror_r-posix module to guarantee sane behavior, rather than just
bare-minimum compliance, even if that means replacing strerror_r on a
few more platforms.

> +++ b/src/util/virterror.c
> @@ -1267,9 +1267,13 @@ const char *virStrerror(int theerrno, char *errBuf, size_t errBufLen)
>      int save_errno = errno;
>      const char *ret;
>  
> +    memset(errBuf, 0, errBufLen);

That's a bit time-consuming, especially if errBufLen is MUCH bigger than
the message to be printed.  It would suffice to simply do *errbuf=0.

>      strerror_r(theerrno, errBuf, errBufLen);
>      ret = errBuf;
>      errno = save_errno;
> +
> +    if (ret[0] == '\0')
> +        strncpy(errBuf, _("Unknown errno"), errBufLen);
>      return ret;
>  }
>  

-- 
Eric Blake   eblake redhat com    +1-801-349-2682
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]