diff --git a/newlib/ChangeLog b/newlib/ChangeLog index 8d500a371..e65008bee 100644 --- a/newlib/ChangeLog +++ b/newlib/ChangeLog @@ -1,3 +1,14 @@ +2011-02-09 Eric Blake + + * libc/include/string.h (strerror_r): Update declaration. + * libc/string/strerror.c (strerror): Update documentation. + * libc/string/strerror_r.c (strerror_r): Always return + NUL-terminated string; don't overwrite too-short buf. + * libc/string/xpg_strerror_r.c (__xpg_strerror_r): Implement POSIX + variant. + * libc/string/Makefile.am (GENERAL_SOURCES): Build new file. + * libc/string/Makefile.in: Regenerate. + 2011-01-28 Corinna Vinschen * libc/stdio/fclose.c: Only use sfp lock to guard non-atomic diff --git a/newlib/libc/include/string.h b/newlib/libc/include/string.h index 547cddd84..7202b06ab 100644 --- a/newlib/libc/include/string.h +++ b/newlib/libc/include/string.h @@ -66,7 +66,20 @@ char *_EXFUN(strdup,(const char *)); char *_EXFUN(_strdup_r,(struct _reent *, const char *)); char *_EXFUN(strndup,(const char *, size_t)); char *_EXFUN(_strndup_r,(struct _reent *, const char *, size_t)); -char *_EXFUN(strerror_r,(int, char *, size_t)); +/* There are two common strerror_r variants. If you request + _GNU_SOURCE, you get the GNU version; otherwise you get the POSIX + version. POSIX requires that #undef strerror_r will still let you + invoke the underlying function, but that requires gcc support. */ +#ifdef _GNU_SOURCE +char *_EXFUN(strerror_r,(int, char *, size_t)); +#else +# ifdef __GNUC__ +int _EXFUN(strerror_r,(int, char *, size_t)) __asm__ ("__xpg_strerror_r"); +# else +int _EXFUN(__xpg_strerror_r,(int, char *, size_t)); +# define strerror_r __xpg_strerror_r +# endif +#endif size_t _EXFUN(strlcat,(char *, const char *, size_t)); size_t _EXFUN(strlcpy,(char *, const char *, size_t)); int _EXFUN(strncasecmp,(const char *, const char *, size_t)); diff --git a/newlib/libc/string/Makefile.am b/newlib/libc/string/Makefile.am index 82fec8be1..561d0e5a0 100644 --- a/newlib/libc/string/Makefile.am +++ b/newlib/libc/string/Makefile.am @@ -71,7 +71,8 @@ GENERAL_SOURCES = \ wmemcmp.c \ wmemcpy.c \ wmemmove.c \ - wmemset.c + wmemset.c \ + xpg_strerror_r.c if ELIX_LEVEL_1 ELIX_2_SOURCES = diff --git a/newlib/libc/string/Makefile.in b/newlib/libc/string/Makefile.in index 6e0376b8c..a6e7e2e98 100644 --- a/newlib/libc/string/Makefile.in +++ b/newlib/libc/string/Makefile.in @@ -88,7 +88,7 @@ am__objects_1 = lib_a-bcopy.$(OBJEXT) lib_a-bzero.$(OBJEXT) \ lib_a-wcsxfrm.$(OBJEXT) lib_a-wcwidth.$(OBJEXT) \ lib_a-wmemchr.$(OBJEXT) lib_a-wmemcmp.$(OBJEXT) \ lib_a-wmemcpy.$(OBJEXT) lib_a-wmemmove.$(OBJEXT) \ - lib_a-wmemset.$(OBJEXT) + lib_a-wmemset.$(OBJEXT) lib_a-xpg_strerror_r.$(OBJEXT) @ELIX_LEVEL_1_FALSE@am__objects_2 = lib_a-bcmp.$(OBJEXT) \ @ELIX_LEVEL_1_FALSE@ lib_a-memccpy.$(OBJEXT) \ @ELIX_LEVEL_1_FALSE@ lib_a-mempcpy.$(OBJEXT) \ @@ -120,7 +120,7 @@ am__objects_4 = bcopy.lo bzero.lo index.lo memchr.lo memcmp.lo \ wcslcpy.lo wcslen.lo wcsncat.lo wcsncmp.lo wcsncpy.lo \ wcsnlen.lo wcspbrk.lo wcsrchr.lo wcsspn.lo wcsstr.lo wcstok.lo \ wcswidth.lo wcsxfrm.lo wcwidth.lo wmemchr.lo wmemcmp.lo \ - wmemcpy.lo wmemmove.lo wmemset.lo + wmemcpy.lo wmemmove.lo wmemset.lo xpg_strerror_r.lo @ELIX_LEVEL_1_FALSE@am__objects_5 = bcmp.lo memccpy.lo mempcpy.lo \ @ELIX_LEVEL_1_FALSE@ stpcpy.lo stpncpy.lo strndup.lo \ @ELIX_LEVEL_1_FALSE@ strcasestr.lo strndup_r.lo wcpcpy.lo \ @@ -215,6 +215,7 @@ MKDIR_P = @MKDIR_P@ NEWLIB_CFLAGS = @NEWLIB_CFLAGS@ NM = @NM@ NMEDIT = @NMEDIT@ +NO_INCLUDE_LIST = @NO_INCLUDE_LIST@ OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ @@ -363,7 +364,8 @@ GENERAL_SOURCES = \ wmemcmp.c \ wmemcpy.c \ wmemmove.c \ - wmemset.c + wmemset.c \ + xpg_strerror_r.c @ELIX_LEVEL_1_FALSE@ELIX_2_SOURCES = \ @ELIX_LEVEL_1_FALSE@ bcmp.c \ @@ -887,6 +889,12 @@ lib_a-wmemset.o: wmemset.c lib_a-wmemset.obj: wmemset.c $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-wmemset.obj `if test -f 'wmemset.c'; then $(CYGPATH_W) 'wmemset.c'; else $(CYGPATH_W) '$(srcdir)/wmemset.c'; fi` +lib_a-xpg_strerror_r.o: xpg_strerror_r.c + $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-xpg_strerror_r.o `test -f 'xpg_strerror_r.c' || echo '$(srcdir)/'`xpg_strerror_r.c + +lib_a-xpg_strerror_r.obj: xpg_strerror_r.c + $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-xpg_strerror_r.obj `if test -f 'xpg_strerror_r.c'; then $(CYGPATH_W) 'xpg_strerror_r.c'; else $(CYGPATH_W) '$(srcdir)/xpg_strerror_r.c'; fi` + lib_a-bcmp.o: bcmp.c $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-bcmp.o `test -f 'bcmp.c' || echo '$(srcdir)/'`bcmp.c diff --git a/newlib/libc/string/strerror.c b/newlib/libc/string/strerror.c index 043763141..61e40ab7a 100644 --- a/newlib/libc/string/strerror.c +++ b/newlib/libc/string/strerror.c @@ -301,6 +301,17 @@ declares that subsequent calls to <> may overwrite the result string; therefore portable code cannot depend on the reentrancy of this subroutine. +Although this implementation of <> guarantees a non-null +result with a NUL-terminator, some implementations return <> +on failure. Although POSIX allows <> to set <> +to EINVAL on failure, this implementation does not do so (unless +you provide <<_user_strerror>>). + +POSIX recommends that unknown <[errnum]> result in a message +including that value, however it is not a requirement and this +implementation does not provide that information (unless you +provide <<_user_strerror>>). + This implementation of <> provides for user-defined extensibility. <> defines <[__ELASTERROR]>, which can be used as a base for user-defined error values. If the user supplies a @@ -313,6 +324,9 @@ character pointer. If <[errnum]> is unknown to <<_user_strerror>>, <<_user_strerror>> returns <[NULL]>. The default <<_user_strerror>> returns <[NULL]> for all input values. +Note that <<_user_sterror>> must be thread-safe and not alter <> +if <> is to comply with POSIX. + <> requires no supporting OS subroutines. QUICKREF diff --git a/newlib/libc/string/strerror_r.c b/newlib/libc/string/strerror_r.c index be5358f3e..c2057b7f0 100644 --- a/newlib/libc/string/strerror_r.c +++ b/newlib/libc/string/strerror_r.c @@ -1,3 +1,4 @@ +/* GNU variant of strerror_r. */ /* FUNCTION <>---convert error number to string and copy to buffer @@ -7,7 +8,11 @@ INDEX ANSI_SYNOPSIS #include + #ifdef _GNU_SOURCE char *strerror_r(int <[errnum]>, char *<[buffer]>, size_t <[n]>); + #else + int strerror_r(int <[errnum]>, char *<[buffer]>, size_t <[n]>); + #endif TRAD_SYNOPSIS #include @@ -19,35 +24,60 @@ TRAD_SYNOPSIS DESCRIPTION <> converts the error number <[errnum]> into a string and copies the result into the supplied <[buffer]> for -a length up to <[n]>, including the NUL terminator. The value of -<[errnum]> is usually a copy of <>. If <> is not a known +a length up to <[n]>, including the NUL terminator. The value of +<[errnum]> is usually a copy of <>. If <> is not a known error number, the result is the empty string. See <> for how strings are mapped to <>. RETURNS -This function returns a pointer to a string. Your application must -not modify that string. +There are two variants: the GNU version always returns a NUL-terminated +string, which is <[buffer]> if all went well, but which is another +pointer if <[n]> was too small (leaving <[buffer]> untouched). If the +return is not <[buffer]>, your application must not modify that string. +The POSIX version returns 0 on success, <[EINVAL]> if <> was not +recognized, and <[ERANGE]> if <[n]> was too small. The variant chosen +depends on macros that you define before inclusion of <>. PORTABILITY -<> is a GNU extension. +<> with a <[char *]> result is a GNU extension. +<> with an <[int]> result is required by POSIX 2001. +This function is compliant only if <<_user_strerror>> is not provided, +or if it is thread-safe and does not modify <>. + +POSIX states that the contents of <[buf]> are unspecified on error, +although this implementation guarantees a NUL-terminated string for +all except <[n]> of 0. + +POSIX recommends that unknown <[errnum]> result in a message including +that value, however it is not a requirement and this implementation +provides only an empty string (unless you provide <<_user_strerror>>). +POSIX also recommends that unknown <[errnum]> fail with EINVAL even +when providing such a message, however it is not a requirement and +this implementation will return success if <<_user_strerror>> provided +a non-empty alternate string. <> requires no supporting OS subroutines. */ #undef __STRICT_ANSI__ +#define _GNU_SOURCE #include #include +#undef strerror_r +/* For backwards-compatible linking, this must be the GNU signature; + see xpg_strerror_r.c for the POSIX version. */ char * _DEFUN (strerror_r, (errnum, buffer, n), int errnum _AND char *buffer _AND size_t n) { - char *error; - error = strerror (errnum); + char *error = strerror (errnum); - return strncpy (buffer, (const char *)error, n); + if (strlen (error) >= n) + return error; + return strcpy (buffer, error); } diff --git a/newlib/libc/string/xpg_strerror_r.c b/newlib/libc/string/xpg_strerror_r.c new file mode 100644 index 000000000..ce94bd8a4 --- /dev/null +++ b/newlib/libc/string/xpg_strerror_r.c @@ -0,0 +1,25 @@ +/* POSIX variant of strerror_r. */ +#undef __STRICT_ANSI__ +#include +#include + +int +_DEFUN (__xpg_strerror_r, (errnum, buffer, n), + int errnum _AND + char *buffer _AND + size_t n) +{ + char *error; + + if (!n) + return ERANGE; + error = strerror (errnum); + if (strlen (error) >= n) + { + memcpy (buffer, error, n - 1); + buffer[n - 1] = '\0'; + return ERANGE; + } + strcpy (buffer, error); + return *error ? 0 : EINVAL; +}