tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

safe_strerror.cc (4405B)

      1 // Copyright 2006-2009 The Chromium Authors
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #include "base/posix/safe_strerror.h"
      6 
      7 #include <errno.h>
      8 #include <stdio.h>
      9 #include <string.h>
     10 
     11 #include "build/build_config.h"
     12 
     13 namespace base {
     14 
     15 #if defined(__GLIBC__) || BUILDFLAG(IS_NACL)
     16 #define USE_HISTORICAL_STRERROR_R 1
     17 // Post-L versions of bionic define the GNU-specific strerror_r if _GNU_SOURCE
     18 // is defined, but the symbol is renamed to __gnu_strerror_r which only exists
     19 // on those later versions. For parity, add the same condition as bionic.
     20 #elif defined(__BIONIC__) && defined(_GNU_SOURCE) && __ANDROID_API__ >= 23
     21 #define USE_HISTORICAL_STRERROR_R 1
     22 #else
     23 #define USE_HISTORICAL_STRERROR_R 0
     24 #endif
     25 
     26 #if USE_HISTORICAL_STRERROR_R
     27 // glibc has two strerror_r functions: a historical GNU-specific one that
     28 // returns type char *, and a POSIX.1-2001 compliant one available since 2.3.4
     29 // that returns int. This wraps the GNU-specific one.
     30 [[maybe_unused]] static void wrap_posix_strerror_r(
     31    char* (*strerror_r_ptr)(int, char*, size_t),
     32    int err,
     33    char* buf,
     34    size_t len) {
     35  // GNU version.
     36  char *rc = (*strerror_r_ptr)(err, buf, len);
     37  if (rc != buf) {
     38    // glibc did not use buf and returned a static string instead. Copy it
     39    // into buf.
     40    buf[0] = '\0';
     41    strncat(buf, rc, len - 1);
     42  }
     43  // The GNU version never fails. Unknown errors get an "unknown error" message.
     44  // The result is always null terminated.
     45 }
     46 #endif  // USE_HISTORICAL_STRERROR_R
     47 
     48 // Wrapper for strerror_r functions that implement the POSIX interface. POSIX
     49 // does not define the behaviour for some of the edge cases, so we wrap it to
     50 // guarantee that they are handled. This is compiled on all POSIX platforms, but
     51 // it will only be used on Linux if the POSIX strerror_r implementation is
     52 // being used (see below).
     53 [[maybe_unused]] static void wrap_posix_strerror_r(
     54    int (*strerror_r_ptr)(int, char*, size_t),
     55    int err,
     56    char* buf,
     57    size_t len) {
     58  int old_errno = errno;
     59  // Have to cast since otherwise we get an error if this is the GNU version
     60  // (but in such a scenario this function is never called). Sadly we can't use
     61  // C++-style casts because the appropriate one is reinterpret_cast but it's
     62  // considered illegal to reinterpret_cast a type to itself, so we get an
     63  // error in the opposite case.
     64  int result = (*strerror_r_ptr)(err, buf, len);
     65  if (result == 0) {
     66    // POSIX is vague about whether the string will be terminated, although
     67    // it indirectly implies that typically ERANGE will be returned, instead
     68    // of truncating the string. We play it safe by always terminating the
     69    // string explicitly.
     70    buf[len - 1] = '\0';
     71  } else {
     72    // Error. POSIX is vague about whether the return value is itself a system
     73    // error code or something else. On Linux currently it is -1 and errno is
     74    // set. On BSD-derived systems it is a system error and errno is unchanged.
     75    // We try and detect which case it is so as to put as much useful info as
     76    // we can into our message.
     77    int strerror_error;  // The error encountered in strerror
     78    int new_errno = errno;
     79    if (new_errno != old_errno) {
     80      // errno was changed, so probably the return value is just -1 or something
     81      // else that doesn't provide any info, and errno is the error.
     82      strerror_error = new_errno;
     83    } else {
     84      // Either the error from strerror_r was the same as the previous value, or
     85      // errno wasn't used. Assume the latter.
     86      strerror_error = result;
     87    }
     88    // snprintf truncates and always null-terminates.
     89    snprintf(buf,
     90             len,
     91             "Error %d while retrieving error %d",
     92             strerror_error,
     93             err);
     94  }
     95  errno = old_errno;
     96 }
     97 
     98 void safe_strerror_r(int err, char *buf, size_t len) {
     99  if (buf == nullptr || len <= 0) {
    100    return;
    101  }
    102  // If using glibc (i.e., Linux), the compiler will automatically select the
    103  // appropriate overloaded function based on the function type of strerror_r.
    104  // The other one will be elided from the translation unit since both are
    105  // static.
    106  wrap_posix_strerror_r(&strerror_r, err, buf, len);
    107 }
    108 
    109 std::string safe_strerror(int err) {
    110  const int buffer_size = 256;
    111  char buf[buffer_size];
    112  safe_strerror_r(err, buf, sizeof(buf));
    113  return std::string(buf);
    114 }
    115 
    116 }  // namespace base