Date: Mon, 21 Oct 2002 15:47:32 -0400 (EDT) From: Garrett Wollman <wollman@lcs.mit.edu> To: FreeBSD-gnats-submit@FreeBSD.org Subject: standards/44356: strerror_r() has impermissible failure mode Message-ID: <200210211947.g9LJlWP8066183@khavrinen.lcs.mit.edu>
next in thread | raw e-mail | index | archive | help
>Number: 44356 >Category: standards >Synopsis: strerror_r() has impermissible failure mode >Confidential: no >Severity: serious >Priority: low >Responsible: freebsd-standards >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Oct 21 12:50:01 PDT 2002 >Closed-Date: >Last-Modified: >Originator: Garrett Wollman >Release: FreeBSD 5.0-CURRENT i386 >Organization: MIT LCS >Environment: System: FreeBSD khavrinen.lcs.mit.edu 5.0-CURRENT FreeBSD 5.0-CURRENT #608: Tue Apr 30 19:29:33 EDT 2002 root@:/usr/src/sys/i386/compile/KHAVRINEN i386 >Description: If an unrecognized error number is passed to strerror_r(), the buffer is left unchanged. XSH6 page 1416, lines 43783ff says: The strerror_r( ) function shall map the error number in errnum to a locale-dependent error message string and shall return the string in the buffer pointed to by strerrbuf, with length buflen. The consensus on the Austin Group list seems to be that strerror_r() must always put something in the buffer provided, even if a specific error message is not available for whatever reason. In our implementation, the buffer is only filled in when the error number is recognized (even if the buffer is too small). >How-To-Repeat: char buf[1234]; buf[0] = '\0'; strerror_r(12345678, buf, sizeof buf); assert(buf[0] != '\0'); >Fix: Move all of the `unknown error' processing from strerror() to strerror_r(). >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-standards" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200210211947.g9LJlWP8066183>