Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Fri, 08 Feb 2013 21:31:11 +0100
From: Jens Gustedt <jens.gustedt@...ia.fr>
To: musl@...ts.openwall.com
Subject: Re: guard bug for strerror_r

Am Freitag, den 08.02.2013, 15:01 -0500 schrieb Rich Felker:
> It's part of the "xlocale" set of interfaces that seem to have
> originated with glibc or maybe Sun, and later made it into POSIX 2008.
> It allows you to pass a locale_t argument to get the results in a
> non-default locale, but you can instead just request the current
> locale.

really bizarre that they didn't estimate it necessary to document it

> > And I actually use this in P99 to provide the C11 Annex K interface
> > strerror_s, which is much closer to strerror_r than strerror_l. Well,
> > we now have
> 
> Are you sure this is the best interface to provide to applications?

the best I don't know, but it is now a standard and provides
runtime-constraint handlers, and basic function parameter checking,
which are nice features. (Just forget about the official title "Bounds
checking interfaces".)

> I'd instead provide a thread-safe interface with an interface
> identical to strerror, since that's by far the easiest to use.
> 
> If on the other hand you want to provide Annex K in principle,

I do

> that's
> another matter, but there's a fairly large portion of it that can't be
> provided portably on top of an existing libc (mainly the scanf or
> printf stuff, I think).

yes, these don't work and since P99 isn't a library but only wrappers
I can't provide that. But for the most of it the wrappers are quite
simple and provided by P99.

> > strerror    C, POSIX
> > strerror_r  POSIX
> > strerror_l  POSIX
> > strerror_s  C
> > 
> > superbe. Again a case where a liaison between the C committee and the
> > POSIX could have helped.
> 
> The problem seems to be just that C didn't have threads (and thus no
> need for strerror_r or strerror_l) until C11.

But now they have threads, and so at the same moment of introducing
them they could have equipped them with a semantic (POSIX comes into
mind :) and used other interfaces from POSIX that already exist.

And, also I think that even before the _r version would have been a
good thing. I think the _r stands for reentrant, and for a function
that you would typically like to use in error or signal handlers, this
is a nice feature.

Jens

-- 
:: INRIA Nancy Grand Est :: http://www.loria.fr/~gustedt/   ::
:: AlGorille ::::::::::::::: office Nancy : +33 383593090   ::
:: ICube :::::::::::::: office Strasbourg : +33 368854536   ::
:: ::::::::::::::::::::::::::: gsm France : +33 651400183   ::
:: :::::::::::::::::::: gsm international : +49 15737185122 ::



Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.