Mercurial > hg > octave-nkf > gnulib-hg
annotate doc/posix-functions/ctime_r.texi @ 15326:52719068f9c2
pipe, pipe2: don't corrupt fd on error
I noticed a potential subtle double-close bug in libvirt. There,
a common idiom is to initialize an int fd[2]={-1,-1}, then have
multiple error paths goto common cleanup code. In the cleanup
code, the fds are closed if they are not already -1; this works
if the error label is reached before the pipe call, or after
pipe succeeds, but if it was the pipe call itself that jumped
to the error label, then it is relying on failed pipe() not
altering the values already in fd array prior to the failure.
Our pipe2 replacement violated this assumption, and could leave
a non-negative value in the array, which in turn would let
libvirt close an already-closed fd, possibly nuking an unrelated
fd opened by another thread that happened to get the same value.
As a result, I raised a POSIX issue regarding the behavior of
pipe on failure: http://austingroupbugs.net/view.php?id=467
Using that test program, I learned that most systems leave fd
unchanged on error, but that mingw always assigns -1 into the
array. This fixes the mingw pipe() replacement, as well as
the gnulib pipe2() replacement.
I don't know of any race-free way to work around a cygwin crash:
http://cygwin.com/ml/cygwin/2011-06/msg00328.html - we could
always open() and then close() two fds to guess whether two
spare fd still remain before calling pipe(), but that is racy.
* lib/pipe.c (pipe): Leave fd unchanged on error.
* lib/pipe2.c (pipe2): Likewise.
* doc/posix-functions/pipe.texi (pipe): Document cygwin issue.
* doc/glibc-functions/pipe2.texi (pipe2): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
| author | Eric Blake <eblake@redhat.com> |
|---|---|
| date | Wed, 29 Jun 2011 15:46:50 -0600 |
| parents | 3bbfc7e37ec2 |
| children | 6355dc4626b5 |
| rev | line source |
|---|---|
|
9638
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
1 @node ctime_r |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
2 @section @code{ctime_r} |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
3 @findex ctime_r |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
4 |
|
13549
bb0ceefd22dc
avoid some overlong lines from posix urls, etc.
Karl Berry <karl@freefriends.org>
parents:
13267
diff
changeset
|
5 POSIX specification:@* @url{http://www.opengroup.org/onlinepubs/9699919799/functions/ctime_r.html} |
|
9638
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
6 |
|
13267
d6ab91053834
Use the 'extensions' module for some more functions on Solaris.
Bruno Haible <bruno@clisp.org>
parents:
13265
diff
changeset
|
7 Gnulib module: extensions |
|
9638
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
8 |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
9 Portability problems fixed by Gnulib: |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
10 @itemize |
|
13267
d6ab91053834
Use the 'extensions' module for some more functions on Solaris.
Bruno Haible <bruno@clisp.org>
parents:
13265
diff
changeset
|
11 @item |
|
d6ab91053834
Use the 'extensions' module for some more functions on Solaris.
Bruno Haible <bruno@clisp.org>
parents:
13265
diff
changeset
|
12 This function has an incompatible declaration on some platforms: |
|
13917
3bbfc7e37ec2
Update for Solaris 11 2010-11.
Bruno Haible <bruno@clisp.org>
parents:
13549
diff
changeset
|
13 Solaris 11 2010-11 (when @code{_POSIX_PTHREAD_SEMANTICS} is not defined). |
|
9638
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
14 @end itemize |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
15 |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
16 Portability problems not fixed by Gnulib: |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
17 @itemize |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
18 @item |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
19 This function is missing on some platforms: |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
20 mingw. |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
21 @item |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
22 This function may put more than 26 bytes into the argument buffer if an |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
23 invalid year is passed. |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
24 @end itemize |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
25 |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
26 @code{ctime_r} takes a pre-allocated buffer and length of the buffer, |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
27 and returns @code{NULL} on errors. |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
28 The input buffer should be at least 26 bytes in size. The output |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
29 string is locale-independent. However, years can have more than 4 |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
30 digits if @code{time_t} is sufficiently wide, so the length of the |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
31 required output buffer is not easy to determine. Increasing the |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
32 buffer size when @code{ctime_r} returns @code{NULL} is not necessarily |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
33 sufficient. The @code{NULL} return value could mean some other error |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
34 condition, which will not go away by increasing the buffer size. |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
35 |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
36 A more flexible function is @code{strftime}. However, note that it is |
|
070329237839
Rename two directories: headers -> posix-headers, functions -> posix-functions.
Bruno Haible <bruno@clisp.org>
parents:
diff
changeset
|
37 locale dependent. |