X-Git-Url: http://erislabs.net/gitweb/?a=blobdiff_plain;f=lib%2Fopenat-proc.c;h=25384127ebf944f7aeb83ef11e40ef19afb34776;hb=3213c107e7632d3b7e462c06acaefde7d50e5067;hp=e84dc454fbd16db8ca3b157604853d7acfdf2127;hpb=57fdfd3f8ec62b105c53bcdf6f127c35c7fe7391;p=gnulib.git

diff --git a/lib/openat-proc.c b/lib/openat-proc.c
index e84dc454f..25384127e 100644
--- a/lib/openat-proc.c
+++ b/lib/openat-proc.c
@@ -1,6 +1,6 @@
 /* Create /proc/self/fd-related names for subfiles of open directories.
 
-   Copyright (C) 2006 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2009-2010 Free Software Foundation, Inc.
 
    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -27,6 +27,7 @@
 
 #include <stdio.h>
 #include <string.h>
+#include <unistd.h>
 
 #include "dirname.h"
 #include "intprops.h"
@@ -34,7 +35,10 @@
 #include "xalloc.h"
 
 /* The results of open() in this file are not used with fchdir,
-   therefore save some unnecessary work in fchdir.c.  */
+   and we do not leak fds to any single-threaded code that could use stdio,
+   therefore save some unnecessary work in fchdir.c.
+   FIXME - if the kernel ever adds support for multi-thread safety for
+   avoiding standard fds, then we should use open_safer.  */
 #undef open
 #undef close
 
@@ -54,32 +58,39 @@ openat_proc_name (char buf[OPENAT_BUFFER_SIZE], int fd, char const *file)
 {
   static int proc_status = 0;
 
+  /* Make sure the caller gets ENOENT when appropriate.  */
+  if (!*file)
+    {
+      buf[0] = '\0';
+      return buf;
+    }
+
   if (! proc_status)
     {
       /* Set PROC_STATUS to a positive value if /proc/self/fd is
-	 reliable, and a negative value otherwise.  Solaris 10
-	 /proc/self/fd mishandles "..", and any file name might expand
-	 to ".." after symbolic link expansion, so avoid /proc/self/fd
-	 if it mishandles "..".  Solaris 10 has openat, but this
-	 problem is exhibited on code that built on Solaris 8 and
-	 running on Solaris 10.  */
+         reliable, and a negative value otherwise.  Solaris 10
+         /proc/self/fd mishandles "..", and any file name might expand
+         to ".." after symbolic link expansion, so avoid /proc/self/fd
+         if it mishandles "..".  Solaris 10 has openat, but this
+         problem is exhibited on code that built on Solaris 8 and
+         running on Solaris 10.  */
 
       int proc_self_fd = open ("/proc/self/fd", O_RDONLY);
       if (proc_self_fd < 0)
-	proc_status = -1;
+        proc_status = -1;
       else
-	{
-	  struct stat proc_self_fd_dotdot_st;
-	  struct stat proc_self_st;
-	  char dotdot_buf[PROC_SELF_FD_NAME_SIZE_BOUND (sizeof ".." - 1)];
-	  sprintf (dotdot_buf, PROC_SELF_FD_FORMAT, proc_self_fd, "..");
-	  proc_status =
-	    ((stat (dotdot_buf, &proc_self_fd_dotdot_st) == 0
-	      && stat ("/proc/self", &proc_self_st) == 0
-	      && SAME_INODE (proc_self_fd_dotdot_st, proc_self_st))
-	     ? 1 : -1);
-	  close (proc_self_fd);
-	}
+        {
+          struct stat proc_self_fd_dotdot_st;
+          struct stat proc_self_st;
+          char dotdot_buf[PROC_SELF_FD_NAME_SIZE_BOUND (sizeof ".." - 1)];
+          sprintf (dotdot_buf, PROC_SELF_FD_FORMAT, proc_self_fd, "..");
+          proc_status =
+            ((stat (dotdot_buf, &proc_self_fd_dotdot_st) == 0
+              && stat ("/proc/self", &proc_self_st) == 0
+              && SAME_INODE (proc_self_fd_dotdot_st, proc_self_st))
+             ? 1 : -1);
+          close (proc_self_fd);
+        }
     }
 
   if (proc_status < 0)