Re: Openat without die

[Jim Meyering]

Bastien ROUCARIES wrote:

> On Tue, Jan 11, 2011 at 4:30 PM, Bruno Haible <address@hidden> wrote:
>> Hi Jim,
>>
>>> As I tried to explain, there does not seem to be a clean way
>>> to solve the problem
>>
>> I believe the stuff with chdir() is only needed in order to handle special
>> cases like
>>  - long directory and file names that would otherwise lead to ENAMETOOLONG,
>>  - access relative to a directory where 'cd $(pwd)' would not work, because
>>    of missing permissions in the parent directories.
>>
>> Therefore I believe it should be possible to propose an openat() 
>> implementation
>> in libposix that, admittedly, cannot handle these special cases. But that 
>> would
>> be better than nothing. And coreutils, which does not want these 
>> restrictions,
>> would continue to use the current code for openat().
>
> Or we could use a #define switch to move to openat_die at compilation...
>
> It will be better and safer, and will avoid code duplication. BTW for
> fts what is I suppose mainly using by -R switch in coreutils we could
> use the chdir version ....
> (if you do not specifiy FTS_NOCHDIR)
>
> BTW do you agree with merging my fist two patch?

I haven't looked carefully, but this use of sprintf will
dereference NULL when malloc fails:

-      char *result = (bufsize < OPENAT_BUFFER_SIZE ? buf : xmalloc (bufsize));
+      char *result = (bufsize < OPENAT_BUFFER_SIZE ? buf : malloc (bufsize));
       sprintf (result, PROC_SELF_FD_FORMAT, fd, file);