| tschmelcher@chromium.org | f29a4fc | 2009-10-10 08:52:20 +0900 | [diff] [blame] | 1 | // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| abarth@chromium.org | 9d34ba7 | 2010-11-13 03:00:35 +0900 | [diff] [blame] | 5 | #include "build/build_config.h" |
| tschmelcher@chromium.org | f29a4fc | 2009-10-10 08:52:20 +0900 | [diff] [blame] | 6 | #include "base/safe_strerror_posix.h" |
| 7 | |
| 8 | #include <errno.h> |
| craig.schlenter@chromium.org | 41b3e84 | 2009-10-10 21:03:14 +0900 | [diff] [blame] | 9 | #include <stdio.h> |
| tschmelcher@chromium.org | f29a4fc | 2009-10-10 08:52:20 +0900 | [diff] [blame] | 10 | #include <string.h> |
| 11 | |
| abarth@chromium.org | 9d34ba7 | 2010-11-13 03:00:35 +0900 | [diff] [blame] | 12 | #define USE_HISTORICAL_STRERRO_R (defined(__GLIBC__) || defined(OS_NACL)) |
| 13 | |
| 14 | #if USE_HISTORICAL_STRERRO_R && defined(__GNUC__) |
| tschmelcher@chromium.org | f29a4fc | 2009-10-10 08:52:20 +0900 | [diff] [blame] | 15 | // GCC will complain about the unused second wrap function unless we tell it |
| 16 | // that we meant for them to be potentially unused, which is exactly what this |
| 17 | // attribute is for. |
| 18 | #define POSSIBLY_UNUSED __attribute__((unused)) |
| 19 | #else |
| 20 | #define POSSIBLY_UNUSED |
| 21 | #endif |
| 22 | |
| abarth@chromium.org | 9d34ba7 | 2010-11-13 03:00:35 +0900 | [diff] [blame] | 23 | #if USE_HISTORICAL_STRERRO_R |
| tschmelcher@chromium.org | f29a4fc | 2009-10-10 08:52:20 +0900 | [diff] [blame] | 24 | // glibc has two strerror_r functions: a historical GNU-specific one that |
| 25 | // returns type char *, and a POSIX.1-2001 compliant one available since 2.3.4 |
| 26 | // that returns int. This wraps the GNU-specific one. |
| 27 | static void POSSIBLY_UNUSED wrap_posix_strerror_r( |
| 28 | char *(*strerror_r_ptr)(int, char *, size_t), |
| 29 | int err, |
| 30 | char *buf, |
| 31 | size_t len) { |
| 32 | // GNU version. |
| 33 | char *rc = (*strerror_r_ptr)(err, buf, len); |
| 34 | if (rc != buf) { |
| 35 | // glibc did not use buf and returned a static string instead. Copy it |
| 36 | // into buf. |
| 37 | buf[0] = '\0'; |
| 38 | strncat(buf, rc, len - 1); |
| 39 | } |
| 40 | // The GNU version never fails. Unknown errors get an "unknown error" message. |
| 41 | // The result is always null terminated. |
| 42 | } |
| abarth@chromium.org | 9d34ba7 | 2010-11-13 03:00:35 +0900 | [diff] [blame] | 43 | #endif // USE_HISTORICAL_STRERRO_R |
| tschmelcher@chromium.org | f29a4fc | 2009-10-10 08:52:20 +0900 | [diff] [blame] | 44 | |
| 45 | // Wrapper for strerror_r functions that implement the POSIX interface. POSIX |
| 46 | // does not define the behaviour for some of the edge cases, so we wrap it to |
| 47 | // guarantee that they are handled. This is compiled on all POSIX platforms, but |
| 48 | // it will only be used on Linux if the POSIX strerror_r implementation is |
| 49 | // being used (see below). |
| 50 | static void POSSIBLY_UNUSED wrap_posix_strerror_r( |
| 51 | int (*strerror_r_ptr)(int, char *, size_t), |
| 52 | int err, |
| 53 | char *buf, |
| 54 | size_t len) { |
| 55 | int old_errno = errno; |
| 56 | // Have to cast since otherwise we get an error if this is the GNU version |
| 57 | // (but in such a scenario this function is never called). Sadly we can't use |
| 58 | // C++-style casts because the appropriate one is reinterpret_cast but it's |
| 59 | // considered illegal to reinterpret_cast a type to itself, so we get an |
| 60 | // error in the opposite case. |
| 61 | int result = (*strerror_r_ptr)(err, buf, len); |
| 62 | if (result == 0) { |
| 63 | // POSIX is vague about whether the string will be terminated, although |
| 64 | // it indirectly implies that typically ERANGE will be returned, instead |
| 65 | // of truncating the string. We play it safe by always terminating the |
| 66 | // string explicitly. |
| 67 | buf[len - 1] = '\0'; |
| 68 | } else { |
| 69 | // Error. POSIX is vague about whether the return value is itself a system |
| 70 | // error code or something else. On Linux currently it is -1 and errno is |
| 71 | // set. On BSD-derived systems it is a system error and errno is unchanged. |
| 72 | // We try and detect which case it is so as to put as much useful info as |
| 73 | // we can into our message. |
| 74 | int strerror_error; // The error encountered in strerror |
| 75 | int new_errno = errno; |
| 76 | if (new_errno != old_errno) { |
| 77 | // errno was changed, so probably the return value is just -1 or something |
| 78 | // else that doesn't provide any info, and errno is the error. |
| 79 | strerror_error = new_errno; |
| 80 | } else { |
| 81 | // Either the error from strerror_r was the same as the previous value, or |
| 82 | // errno wasn't used. Assume the latter. |
| 83 | strerror_error = result; |
| 84 | } |
| 85 | // snprintf truncates and always null-terminates. |
| 86 | snprintf(buf, |
| 87 | len, |
| 88 | "Error %d while retrieving error %d", |
| 89 | strerror_error, |
| 90 | err); |
| 91 | } |
| 92 | errno = old_errno; |
| 93 | } |
| 94 | |
| 95 | void safe_strerror_r(int err, char *buf, size_t len) { |
| 96 | if (buf == NULL || len <= 0) { |
| 97 | return; |
| 98 | } |
| 99 | // If using glibc (i.e., Linux), the compiler will automatically select the |
| 100 | // appropriate overloaded function based on the function type of strerror_r. |
| 101 | // The other one will be elided from the translation unit since both are |
| 102 | // static. |
| 103 | wrap_posix_strerror_r(&strerror_r, err, buf, len); |
| 104 | } |
| 105 | |
| 106 | std::string safe_strerror(int err) { |
| 107 | const int buffer_size = 256; |
| 108 | char buf[buffer_size]; |
| 109 | safe_strerror_r(err, buf, sizeof(buf)); |
| 110 | return std::string(buf); |
| 111 | } |