From fa185f0d4529c6d70f690306f431ca23662b9138 Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Tue, 18 Feb 2020 13:02:37 +0100 Subject: : Add type safety and port to Hurd The new type struct fd_to_filename makes the allocation of the backing storage explicit. Hurd uses /dev/fd, not /proc/self/fd. Co-Authored-By: Paul Eggert --- misc/Makefile | 6 ++- misc/fd_to_filename.c | 38 +++++++++++++++++ misc/tst-fd_to_filename.c | 101 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 144 insertions(+), 1 deletion(-) create mode 100644 misc/fd_to_filename.c create mode 100644 misc/tst-fd_to_filename.c (limited to 'misc') diff --git a/misc/Makefile b/misc/Makefile index e0465980c7..b8fed5783d 100644 --- a/misc/Makefile +++ b/misc/Makefile @@ -72,7 +72,7 @@ routines := brk sbrk sstk ioctl \ fgetxattr flistxattr fremovexattr fsetxattr getxattr \ listxattr lgetxattr llistxattr lremovexattr lsetxattr \ removexattr setxattr getauxval ifunc-impl-list makedev \ - allocate_once + allocate_once fd_to_filename generated += tst-error1.mtrace tst-error1-mem.out \ tst-allocate_once.mtrace tst-allocate_once-mem.out @@ -97,6 +97,10 @@ endif tests-internal := tst-atomic tst-atomic-long tst-allocate_once tests-static := tst-empty +# Test for the internal, non-exported __fd_to_filename function. +tests-internal += tst-fd_to_filename +tests-static += tst-fd_to_filename + ifeq ($(run-built-tests),yes) tests-special += $(objpfx)tst-error1-mem.out \ $(objpfx)tst-allocate_once-mem.out diff --git a/misc/fd_to_filename.c b/misc/fd_to_filename.c new file mode 100644 index 0000000000..03d19194c1 --- /dev/null +++ b/misc/fd_to_filename.c @@ -0,0 +1,38 @@ +/* Construct a pathname under /proc/self/fd (or /dev/fd for Hurd). + Copyright (C) 2020 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include + +#include +#include + +char * +__fd_to_filename (int descriptor, struct fd_to_filename *storage) +{ + assert (descriptor >= 0); + + char *p = mempcpy (storage->buffer, FD_TO_FILENAME_PREFIX, + strlen (FD_TO_FILENAME_PREFIX)); + + for (int d = descriptor; p++, (d /= 10) != 0; ) + continue; + *p = '\0'; + for (int d = descriptor; *--p = '0' + d % 10, (d /= 10) != 0; ) + continue; + return storage->buffer; +} diff --git a/misc/tst-fd_to_filename.c b/misc/tst-fd_to_filename.c new file mode 100644 index 0000000000..d16c869cd3 --- /dev/null +++ b/misc/tst-fd_to_filename.c @@ -0,0 +1,101 @@ +/* Test for /proc/self/fd (or /dev/fd) pathname construction. + Copyright (C) 2020 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include +#include +#include + +/* Run a check on one value. */ +static void +check (int value) +{ + if (value < 0) + /* Negative descriptor values violate the precondition. */ + return; + + struct fd_to_filename storage; + char *actual = __fd_to_filename (value, &storage); + char expected[100]; + snprintf (expected, sizeof (expected), FD_TO_FILENAME_PREFIX "%d", value); + TEST_COMPARE_STRING (actual, expected); +} + +/* Check various ranges constructed around powers. */ +static void +check_ranges (int base) +{ + unsigned int power = 1; + do + { + for (int factor = 1; factor < base; ++factor) + for (int shift = -1000; shift <= 1000; ++shift) + check (factor * power + shift); + } + while (!__builtin_mul_overflow (power, base, &power)); +} + +/* Check that it is actually possible to use a the constructed + name. */ +static void +check_open (void) +{ + int pipes[2]; + xpipe (pipes); + + struct fd_to_filename storage; + int read_alias = xopen (__fd_to_filename (pipes[0], &storage), O_RDONLY, 0); + int write_alias = xopen (__fd_to_filename (pipes[1], &storage), O_WRONLY, 0); + + /* Ensure that all the descriptor numbers are different. */ + TEST_VERIFY (pipes[0] < pipes[1]); + TEST_VERIFY (pipes[1] < read_alias); + TEST_VERIFY (read_alias < write_alias); + + xwrite (write_alias, "1", 1); + char buf[16]; + TEST_COMPARE_BLOB ("1", 1, buf, read (pipes[0], buf, sizeof (buf))); + + xwrite (pipes[1], "2", 1); + TEST_COMPARE_BLOB ("2", 1, buf, read (read_alias, buf, sizeof (buf))); + + xwrite (write_alias, "3", 1); + TEST_COMPARE_BLOB ("3", 1, buf, read (read_alias, buf, sizeof (buf))); + + xwrite (pipes[1], "4", 1); + TEST_COMPARE_BLOB ("4", 1, buf, read (pipes[0], buf, sizeof (buf))); + + xclose (write_alias); + xclose (read_alias); + xclose (pipes[1]); + xclose (pipes[0]); +} + +static int +do_test (void) +{ + check_ranges (2); + check_ranges (10); + + check_open (); + + return 0; +} + +#include -- cgit 1.4.1