[libvirt] [PATCH] Ensure virStrerror always sets an error string
Eric Blake
eblake at redhat.com
Wed May 18 17:27:28 UTC 2011
[adding bug-gnulib]
On 05/18/2011 11:07 AM, Daniel P. Berrange wrote:
> strerror_r() is free to not set any error string, if the passed
> errno is not valid. It may, however, still return a pointer to
> the original passed in buffer. This results in random garbage
> from the stack being present as the error string.
Indeed. However, I'm inclined to NACK the libvirt patch, because:

Right now, gnulib guarantees that strerror() always gives a useful
result (non-empty string for all errno values, even though POSIX allows
an empty string), but the strerror_r-posix module is not making those
same guarantees.

Therefore, I argue that this is a bug in gnulib. We should be changing
the strerror_r-posix module to guarantee sane behavior, rather than just
bare-minimum compliance, even if that means replacing strerror_r on a
few more platforms.
> +++ b/src/util/virterror.c
> @@ -1267,9 +1267,13 @@ const char *virStrerror(int theerrno, char *errBuf, size_t errBufLen)
> int save_errno = errno;
> const char *ret;
>
> + memset(errBuf, 0, errBufLen);
That's a bit time-consuming, especially if errBufLen is MUCH bigger than
the message to be printed. It would suffice to simply do *errbuf=0.
> strerror_r(theerrno, errBuf, errBufLen);
> ret = errBuf;
> errno = save_errno;
> +
> + if (ret[0] == '\0')
> + strncpy(errBuf, _("Unknown errno"), errBufLen);
> return ret;
> }
>
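Review bot: the fallback strncpy(errBuf, _("Unknown errno"), errBufLen) at the end of the hunk does not guarantee a terminated string. strncpy() writes no NUL when the source is errBufLen bytes or longer, and it overwrites everything the earlier memset() zeroed, so a short caller buffer or a long translation of "Unknown errno" leaves errBuf unterminated for the caller to read past. Copy at most errBufLen - 1 bytes and set errBuf[errBufLen - 1] = '\0' afterwards, with a guard for errBufLen == 0, since ret[0] is also read unconditionally. Separately, the return value of strerror_r() is discarded, so the ret[0] == '\0' test is the only failure detection, and it is reliable only because the buffer was cleared first; that dependency deserves a comment.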
--
Eric Blake eblake at redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org