[libcxx-commits] [libcxx] [libc++][hardening] Classify assertions related to leaks and syscalls. (PR #77164)
Louis Dionne via libcxx-commits
libcxx-commits at lists.llvm.org
Tue Jan 9 13:02:25 PST 2024
================
@@ -461,7 +461,7 @@ path __current_path(error_code* ec) {
Deleter deleter = &::free;
#else
auto size = ::pathconf(".", _PC_PATH_MAX);
- _LIBCPP_ASSERT_UNCATEGORIZED(size >= 0, "pathconf returned a 0 as max size");
+ _LIBCPP_ASSERT_VALID_EXTERNAL_API_CALL(size >= 0, "pathconf returned a 0 as max size");
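Review bot: `size >= 0` on this line fires on a legitimate result. `pathconf` returns `-1` both when the call fails and when the implementation has no limit for `_PC_PATH_MAX`, so the no-limit case trips the assertion, and the message "pathconf returned a 0 as max size" describes neither condition (`0` would pass the check). Since `__current_path` already takes an `error_code*`, the failure case should be reported through it rather than asserted: set `errno = 0` before the call, treat `size == -1 && errno != 0` as an error to report, and substitute `PATH_MAX` for a `-1` with `errno` still `0`. The re-categorisation to `_LIBCPP_ASSERT_VALID_EXTERNAL_API_CALL` does not change which inputs fail the check.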
----------------
ldionne wrote:
My reading of `pathconf`'s manpage is that it returns `-1` if there's an error or if there's no limit associated with `_PC_PATH_MAX`. So I think checking for `>= 0` here is correct (although in reality I don't think any system would return `0`).
After consideration, it sounds like we should instead be reporting the error if we encounter one? So instead of the assertion, something like
```c++
errno = 0; // POSIX requires this to be thread-safe
auto size = ::pathconf(".", _PC_PATH_MAX);
if (size == -1 && errno != 0)
return err.report(capture_errno(), "call to pathconf failed");
```
If `size == -1` but there was no error, the implementation doesn't have a limit for the path length. We should probably set `size = PATH_MAX` (defined in `<limits.h>`) in that case. That's a bit academic but it seems reasonable.
CC @EricWF since he most likely wrote that code in the original filesystem implementation.
https://github.com/llvm/llvm-project/pull/77164