X-Git-Url: http://erislabs.net/gitweb/?a=blobdiff_plain;ds=sidebyside;f=lib%2Fxreadlink.c;h=2e66c07f240791c8c1b05609da58ca58e6dd3b34;hb=7acea197e2d653876ae7113d5538a4544ce60d84;hp=333551fedabbedb99e71f2043a223a0b3b195de4;hpb=7d7fb7355d5c231ef7b954d5f28f550efa16eaf5;p=gnulib.git

diff --git a/lib/xreadlink.c b/lib/xreadlink.c
index 333551fed..2e66c07f2 100644
--- a/lib/xreadlink.c
+++ b/lib/xreadlink.c
@@ -1,6 +1,6 @@
-/* exclude.c -- exclude file names
+/* xreadlink.c -- readlink wrapper to return the link name in malloc'd storage
 
-   Copyright 2001 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2003, 2004 Free Software Foundation, Inc.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -23,50 +23,63 @@
 # include <config.h>
 #endif
 
+#include "xreadlink.h"
+
 #include <stdio.h>
-#if HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#if HAVE_STDLIB_H
-# include <stdlib.h>
-#endif
+#include <errno.h>
+#include <limits.h>
+#include <sys/types.h>
+#include <stdlib.h>
 #if HAVE_UNISTD_H
 # include <unistd.h>
 #endif
 
+#ifndef SIZE_MAX
+# define SIZE_MAX ((size_t) -1)
+#endif
+#ifndef SSIZE_MAX
+# define SSIZE_MAX ((ssize_t) (SIZE_MAX / 2))
+#endif
+
 #include "xalloc.h"
-#include "xreadlink.h"
 
 /* Call readlink to get the symbolic link value of FILENAME.
+   SIZE is a hint as to how long the link is expected to be;
+   typically it is taken from st_size.  It need not be correct.
    Return a pointer to that NUL-terminated string in malloc'd storage.
-   If readlink fails, return NULL (use errno to diagnose).
-   If realloc fails, or if the link value is longer than SIZE_MAX :-),
+   If readlink fails, return NULL (caller may use errno to diagnose).
+   If malloc fails, or if the link value is longer than SSIZE_MAX :-),
    give a diagnostic and exit.  */
 
 char *
-xreadlink (char const *filename, size_t *link_length_arg)
+xreadlink (char const *filename, size_t size)
 {
-  size_t buf_size = 128;  /* must be a power of 2 */
-  char *buffer = NULL;
+  /* The initial buffer size for the link value.  A power of 2
+     detects arithmetic overflow earlier, but is not required.  */
+  size_t buf_size = size + 1;
 
   while (1)
     {
-      int link_length;
-      buffer = (char *) xrealloc (buffer, buf_size);
-      link_length = readlink (filename, buffer, buf_size);
+      char *buffer = xmalloc (buf_size);
+      ssize_t link_length = readlink (filename, buffer, buf_size);
+
       if (link_length < 0)
 	{
+	  int saved_errno = errno;
 	  free (buffer);
+	  errno = saved_errno;
 	  return NULL;
 	}
-      if (link_length < buf_size)
+
+      if ((size_t) link_length < buf_size)
 	{
-	  *link_length_arg = link_length;
 	  buffer[link_length] = 0;
 	  return buffer;
 	}
+
+      free (buffer);
       buf_size *= 2;
-      if (buf_size == 0)
+      if (! (0 < buf_size && buf_size <= SSIZE_MAX))
 	xalloc_die ();
     }
 }