[adding bug-gnulib]
On 05/18/2011 11:07 AM, Daniel P. Berrange wrote:
> strerror_r() is free to not set any error string, if the passed
> errno is not valid. It may, however, still return a pointer to
> the original passed in buffer. This resulting in random garbage
> from the stack being present as the error string.
Indeed. However, I'm inclined to NACK the libvirt patch, because:
Right now, gnulib guarantees that strerror() always gives a useful
result (non-empty string for all errno values, even though POSIX allows
an empty string), but the strerror_r-posix module is not making those
same guarantees.
Therefore, I argue that this is a bug in gnulib. We should be changing
the strerror_r-posix module to guarantee sane behavior, rather than just
bare-minimum compliance, even if that means replacing strerror_r on a
few more platforms.
> +++ b/src/util/virterror.c
> @@ -1267,9 +1267,13 @@ const char *virStrerror(int theerrno, char *errBuf, size_t errBufLen)
> int save_errno = errno;
> const char *ret;
>
> + memset(errBuf, 0, errBufLen);
That's a bit time-consuming, especially if errBufLen is MUCH bigger than
the message to be printed. It would suffice to simply do *errbuf=0.
> strerror_r(theerrno, errBuf, errBufLen);
> ret = errBuf;
> errno = save_errno;
> +
> + if (ret[0] == '\0')
> + strncpy(errBuf, _("Unknown errno"), errBufLen);
> return ret;
> }
>
--
Eric Blake eblake@xxxxxxxxxx +1-801-349-2682
Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list