From: Jim Meyering <jim@meyering.net>
Date: Tue, 4 Sep 2001 20:20:16 +0000 (+0000)
Subject: (xreadlink): Omit size_t* arg.  All uses changed.
X-Git-Tag: cvs-readonly~5712
X-Git-Url: https://erislabs.net/gitweb/?a=commitdiff_plain;h=b6f4a765056b52c30e9b44ca0990f536dd0cb9de;p=gnulib.git

(xreadlink): Omit size_t* arg.  All uses changed.
Use ssize_t, not int, to store result of readlink.
Check for ssize_t overflow as well as size_t overflow,
as POSIX says the result of readlink is implementation-defined
when ssize_t overflows.
Remove unnecessary cast to char*.
Use free+malloc instead of realloc, as the storage doesn't need
to be preserved and it's clearer and can be more efficient that way.
(SIZE_MAX, SSIZE_MAX): New macros, if <limits.h> doesn't declare.
---

diff --git a/lib/xreadlink.c b/lib/xreadlink.c
index 8adbb0c19..b58330a1d 100644
--- a/lib/xreadlink.c
+++ b/lib/xreadlink.c
@@ -29,6 +29,9 @@
 extern int errno;
 #endif
 
+#if HAVE_LIMITS_H
+# include <limits.h>
+#endif
 #if HAVE_SYS_TYPES_H
 # include <sys/types.h>
 #endif
@@ -39,6 +42,13 @@ extern int errno;
 # include <unistd.h>
 #endif
 
+#ifndef SIZE_MAX
+# define SIZE_MAX ((size_t) -1)
+#endif
+#ifndef SSIZE_MAX
+# define SSIZE_MAX ((ssize_t) (SIZE_MAX / 2))
+#endif
+
 #include "xalloc.h"
 #include "xreadlink.h"
 
@@ -49,18 +59,17 @@ extern int errno;
    give a diagnostic and exit.  */
 
 char *
-xreadlink (char const *filename, size_t *link_length_arg)
+xreadlink (char const *filename)
 {
   /* The initial buffer size for the link value.  A power of 2
      detects arithmetic overflow earlier, but is not required.  */
   size_t buf_size = 128;
-  char *buffer = NULL;
 
   while (1)
     {
-      int link_length;
-      buffer = (char *) xrealloc (buffer, buf_size);
-      link_length = readlink (filename, buffer, buf_size);
+      char *buffer = xmalloc (buf_size);
+      ssize_t link_length = readlink (filename, buffer, buf_size);
+
       if (link_length < 0)
 	{
 	  int saved_errno = errno;
@@ -68,14 +77,16 @@ xreadlink (char const *filename, size_t *link_length_arg)
 	  errno = saved_errno;
 	  return NULL;
 	}
+
       if (link_length < buf_size)
 	{
-	  *link_length_arg = link_length;
 	  buffer[link_length] = 0;
 	  return buffer;
 	}
+
+      free (buffer);
       buf_size *= 2;
-      if (buf_size == 0)
+      if (SSIZE_MAX < buf_size || (SIZE_MAX / 2 < SSIZE_MAX && buf_size == 0))
 	xalloc_die ();
     }
 }