X-Git-Url: http://erislabs.net/gitweb/?a=blobdiff_plain;f=lib%2Fcareadlinkat.c;h=751578b9a58fc6f46894cbbef3237d716f1c347b;hb=07809063056aef043ba738ab8229042f1ffc9659;hp=0b54b1dfd76a6e3cc747b2fcbda3b15ecec71160;hpb=7a6955f7b5a90dbd30cb88217406c49c23ead9d1;p=gnulib.git diff --git a/lib/careadlinkat.c b/lib/careadlinkat.c index 0b54b1dfd..751578b9a 100644 --- a/lib/careadlinkat.c +++ b/lib/careadlinkat.c @@ -22,8 +22,6 @@ #include "careadlinkat.h" -#include "allocator.h" - #include #include #include @@ -39,23 +37,21 @@ # define SSIZE_MAX ((ssize_t) (SIZE_MAX / 2)) #endif -#if ! HAVE_READLINKAT -/* Ignore FD. Get the symbolic link value of FILENAME and put it into - BUFFER, with size BUFFER_SIZE. This function acts like readlink - but has readlinkat's signature. */ +#include "allocator.h" + +/* Get the symbolic link value of FILENAME and put it into BUFFER, with + size BUFFER_SIZE. This function acts like readlink but has + readlinkat's signature. */ ssize_t careadlinkatcwd (int fd, char const *filename, char *buffer, size_t buffer_size) { - (void) fd; + /* FD must be AT_FDCWD here, otherwise the caller is using this + function in contexts for which it was not meant for. */ + if (fd != AT_FDCWD) + abort (); return readlink (filename, buffer, buffer_size); } -#endif - -/* Forward declaration. We want to #undef malloc before initializing - this struct, but cannot do so until after all code that uses named - fields from "allocator.h" has been compiled. */ -static struct allocator const standard_allocator; /* Assuming the current directory is FD, get the symbolic link value of FILENAME as a null-terminated string and put it into a buffer. @@ -71,7 +67,10 @@ static struct allocator const standard_allocator; the returned value if it is nonnull and is not BUFFER. A null ALLOC stands for the standard allocator. - The PREADLINKAT function specifies how to read links. + The PREADLINKAT function specifies how to read links. It operates + like POSIX readlinkat() + + but can assume that its first argument is the same as FD. If successful, return the buffer address; otherwise return NULL and set errno. */ @@ -89,7 +88,7 @@ careadlinkat (int fd, char const *filename, char stack_buf[1024]; if (! alloc) - alloc = &standard_allocator; + alloc = &stdlib_allocator; if (! buffer_size) { @@ -134,6 +133,7 @@ careadlinkat (int fd, char const *filename, if (buf == stack_buf) { char *b = (char *) alloc->allocate (link_size); + buf_size = link_size; if (! b) break; memcpy (b, buf, link_size); @@ -157,6 +157,11 @@ careadlinkat (int fd, char const *filename, buf_size *= 2; else if (buf_size < buf_size_max) buf_size = buf_size_max; + else if (buf_size_max < SIZE_MAX) + { + errno = ENAMETOOLONG; + return NULL; + } else break; buf = (char *) alloc->allocate (buf_size); @@ -164,18 +169,7 @@ careadlinkat (int fd, char const *filename, while (buf); if (alloc->die) - alloc->die (); + alloc->die (buf_size); errno = ENOMEM; return NULL; } - -/* Use the system functions, not the gnulib overrides, because this - module does not depend on GNU or POSIX semantics. See comments - above why this must occur here. */ -#undef malloc -#undef realloc - -/* A standard allocator. For now, only careadlinkat needs this, but - perhaps it should be moved to the allocator module. */ -static struct allocator const standard_allocator = - { malloc, realloc, free, NULL };