Google Git
Sign in
gn / gn / a3345c9b98cb965a8c28d13de6a9258d642492d6 / . / base / posix / safe_strerror.cc
blob: 252b5df2d00795d37909071f7ebc56febb8904cc [file] [log] [blame]
Scott Graham66962112018-06-08 12:42:08 -0700[diff] [blame]1// Copyright (c) 2006-2009 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#if defined(__ANDROID__)
6// Post-L versions of bionic define the GNU-specific strerror_r if _GNU_SOURCE
7// is defined, but the symbol is renamed to __gnu_strerror_r which only exists
8// on those later versions. To preserve ABI compatibility with older versions,
9// undefine _GNU_SOURCE and use the POSIX version.
10#undef _GNU_SOURCE
11#endif
12
13#include "base/posix/safe_strerror.h"
14
15#include <errno.h>
16#include <stdio.h>
17#include <string.h>
18
Scott Graham76a8dc72018-06-18 13:37:29 -0700[diff] [blame]19#include "util/build_config.h"
Scott Graham66962112018-06-08 12:42:08 -0700[diff] [blame]20
21namespace base {
22
Brett Wilson102cdd42019-09-06 09:41:18 -0700[diff] [blame]23#if defined(__GLIBC__)
Scott Graham66962112018-06-08 12:42:08 -0700[diff] [blame]24#define USE_HISTORICAL_STRERRO_R 1
25#else
26#define USE_HISTORICAL_STRERRO_R 0
27#endif
28
29#if USE_HISTORICAL_STRERRO_R && defined(__GNUC__)
30// GCC will complain about the unused second wrap function unless we tell it
31// that we meant for them to be potentially unused, which is exactly what this
32// attribute is for.
33#define POSSIBLY_UNUSED __attribute__((unused))
34#else
35#define POSSIBLY_UNUSED
36#endif
37
38#if USE_HISTORICAL_STRERRO_R
39// glibc has two strerror_r functions: a historical GNU-specific one that
40// returns type char *, and a POSIX.1-2001 compliant one available since 2.3.4
41// that returns int. This wraps the GNU-specific one.
Scott Graham98cd3ca2018-06-14 22:26:55 -0700[diff] [blame]42static void POSSIBLY_UNUSED
43wrap_posix_strerror_r(char* (*strerror_r_ptr)(int, char*, size_t),
44 int err,
45 char* buf,
46 size_t len) {
Scott Graham66962112018-06-08 12:42:08 -0700[diff] [blame]47 // GNU version.
Scott Graham98cd3ca2018-06-14 22:26:55 -0700[diff] [blame]48 char* rc = (*strerror_r_ptr)(err, buf, len);
Scott Graham66962112018-06-08 12:42:08 -0700[diff] [blame]49 if (rc != buf) {
50 // glibc did not use buf and returned a static string instead. Copy it
51 // into buf.
52 buf[0] = '\0';
53 strncat(buf, rc, len - 1);
54 }
55 // The GNU version never fails. Unknown errors get an "unknown error" message.
56 // The result is always null terminated.
57}
58#endif // USE_HISTORICAL_STRERRO_R
59
60// Wrapper for strerror_r functions that implement the POSIX interface. POSIX
61// does not define the behaviour for some of the edge cases, so we wrap it to
62// guarantee that they are handled. This is compiled on all POSIX platforms, but
63// it will only be used on Linux if the POSIX strerror_r implementation is
64// being used (see below).
Scott Graham98cd3ca2018-06-14 22:26:55 -0700[diff] [blame]65static void POSSIBLY_UNUSED wrap_posix_strerror_r(int (*strerror_r_ptr)(int,
66 char*,
67 size_t),
68 int err,
69 char* buf,
70 size_t len) {
Scott Graham66962112018-06-08 12:42:08 -0700[diff] [blame]71 int old_errno = errno;
72 // Have to cast since otherwise we get an error if this is the GNU version
73 // (but in such a scenario this function is never called). Sadly we can't use
74 // C++-style casts because the appropriate one is reinterpret_cast but it's
75 // considered illegal to reinterpret_cast a type to itself, so we get an
76 // error in the opposite case.
77 int result = (*strerror_r_ptr)(err, buf, len);
78 if (result == 0) {
79 // POSIX is vague about whether the string will be terminated, although
80 // it indirectly implies that typically ERANGE will be returned, instead
81 // of truncating the string. We play it safe by always terminating the
82 // string explicitly.
83 buf[len - 1] = '\0';
84 } else {
85 // Error. POSIX is vague about whether the return value is itself a system
86 // error code or something else. On Linux currently it is -1 and errno is
87 // set. On BSD-derived systems it is a system error and errno is unchanged.
88 // We try and detect which case it is so as to put as much useful info as
89 // we can into our message.
90 int strerror_error; // The error encountered in strerror
91 int new_errno = errno;
92 if (new_errno != old_errno) {
93 // errno was changed, so probably the return value is just -1 or something
94 // else that doesn't provide any info, and errno is the error.
95 strerror_error = new_errno;
96 } else {
97 // Either the error from strerror_r was the same as the previous value, or
98 // errno wasn't used. Assume the latter.
99 strerror_error = result;
100 }
101 // snprintf truncates and always null-terminates.
Scott Graham98cd3ca2018-06-14 22:26:55 -0700[diff] [blame]102 snprintf(buf, len, "Error %d while retrieving error %d", strerror_error,
Scott Graham66962112018-06-08 12:42:08 -0700[diff] [blame]103 err);
104 }
105 errno = old_errno;
106}
107
Scott Graham98cd3ca2018-06-14 22:26:55 -0700[diff] [blame]108void safe_strerror_r(int err, char* buf, size_t len) {
Scott Graham66962112018-06-08 12:42:08 -0700[diff] [blame]109 if (buf == nullptr || len <= 0) {
110 return;
111 }
112 // If using glibc (i.e., Linux), the compiler will automatically select the
113 // appropriate overloaded function based on the function type of strerror_r.
114 // The other one will be elided from the translation unit since both are
115 // static.
116 wrap_posix_strerror_r(&strerror_r, err, buf, len);
117}
118
119std::string safe_strerror(int err) {
120 const int buffer_size = 256;
121 char buf[buffer_size];
122 safe_strerror_r(err, buf, sizeof(buf));
123 return std::string(buf);
124}
125
126} // namespace base