From f42e15fdfba61fe6dee0bfb0a6a7f44fd9ca9dd3 Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>

Date: Fri, 7 Oct 2022 12:28:31 +0200

Subject: [PATCH] basic: add STRERROR() wrapper for strerror_r()

(cherry picked from commit 2c5d05b3cd986568105d67891e4010b868dea24f)

Related: #2155516

---

 src/basic/errno-util.h     | 10 +++++++++

 src/test/meson.build       |  2 ++

 src/test/test-errno-util.c | 44 ++++++++++++++++++++++++++++++++++++++

 3 files changed, 56 insertions(+)

 create mode 100644 src/test/test-errno-util.c

diff --git a/src/basic/errno-util.h b/src/basic/errno-util.h

index 09abf0b751..a2d9876c15 100644

--- a/src/basic/errno-util.h

+++ b/src/basic/errno-util.h

@@ -6,6 +6,16 @@

 #include "macro.h"

+/* strerror(3) says that glibc uses a maximum length of 1024 bytes. */

+#define ERRNO_BUF_LEN 1024

+

+/* Note: the lifetime of the compound literal is the immediately surrounding block,

+ * see C11 §6.5.2.5, and

+ * https://stackoverflow.com/questions/34880638/compound-literal-lifetime-and-if-blocks

+ *

+ * Note that we use the GNU variant of strerror_r() here. */

+#define STRERROR(errnum) strerror_r(abs(errnum), (char[ERRNO_BUF_LEN]){}, ERRNO_BUF_LEN)

+

 static inline void _reset_errno_(int *saved_errno) {

         if (*saved_errno < 0) /* Invalidated by UNPROTECT_ERRNO? */

                 return;

diff --git a/src/test/meson.build b/src/test/meson.build

index 14b7939b1f..032800dd85 100644

--- a/src/test/meson.build

+++ b/src/test/meson.build

@@ -580,6 +580,8 @@ tests += [

         [files('test-errno-list.c') +

          generated_gperf_headers],

+        [files('test-errno-util.c')],

+

         [files('test-ip-protocol-list.c') +

          shared_generated_gperf_headers],

diff --git a/src/test/test-errno-util.c b/src/test/test-errno-util.c

new file mode 100644

index 0000000000..284f451002

--- /dev/null

+++ b/src/test/test-errno-util.c

@@ -0,0 +1,44 @@

+/* SPDX-License-Identifier: LGPL-2.1-or-later */

+

+#include "errno-util.h"

+#include "stdio-util.h"

+#include "string-util.h"

+#include "tests.h"

+

+TEST(strerror_not_threadsafe) {

+        /* Just check that strerror really is not thread-safe. */

+        log_info("strerror(%d) → %s", 200, strerror(200));

+        log_info("strerror(%d) → %s", 201, strerror(201));

+        log_info("strerror(%d) → %s", INT_MAX, strerror(INT_MAX));

+

+        log_info("strerror(%d), strerror(%d) → %p, %p", 200, 201, strerror(200), strerror(201));

+

+        /* This call is not allowed, because the first returned string becomes invalid when

+         * we call strerror the second time:

+         *

+         * log_info("strerror(%d), strerror(%d) → %s, %s", 200, 201, strerror(200), strerror(201));

+         */

+}

+

+TEST(STRERROR) {

+        /* Just check that STRERROR really is thread-safe. */

+        log_info("STRERROR(%d) → %s", 200, STRERROR(200));

+        log_info("STRERROR(%d) → %s", 201, STRERROR(201));

+        log_info("STRERROR(%d), STRERROR(%d) → %s, %s", 200, 201, STRERROR(200), STRERROR(201));

+

+        const char *a = STRERROR(200), *b = STRERROR(201);

+        assert_se(strstr(a, "200"));

+        assert_se(strstr(b, "201"));

+

+        /* Check with negative values */

+        assert_se(streq(a, STRERROR(-200)));

+        assert_se(streq(b, STRERROR(-201)));

+

+        const char *c = STRERROR(INT_MAX);

+        char buf[DECIMAL_STR_MAX(int)];

+        xsprintf(buf, "%d", INT_MAX);  /* INT_MAX is hexadecimal, use printf to convert to decimal */

+        log_info("STRERROR(%d) → %s", INT_MAX, c);

+        assert_se(strstr(c, buf));

+}

+

+DEFINE_TEST_MAIN(LOG_INFO);