From f42e15fdfba61fe6dee0bfb0a6a7f44fd9ca9dd3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Fri, 7 Oct 2022 12:28:31 +0200
Subject: [PATCH] basic: add STRERROR() wrapper for strerror_r()
(cherry picked from commit 2c5d05b3cd986568105d67891e4010b868dea24f)
Related: #2155516
---
src/basic/errno-util.h | 10 +++++++++
src/test/meson.build | 2 ++
src/test/test-errno-util.c | 44 ++++++++++++++++++++++++++++++++++++++
3 files changed, 56 insertions(+)
create mode 100644 src/test/test-errno-util.c
diff --git a/src/basic/errno-util.h b/src/basic/errno-util.h
index 09abf0b751..a2d9876c15 100644
--- a/src/basic/errno-util.h
+++ b/src/basic/errno-util.h
@@ -6,6 +6,16 @@
#include "macro.h"
+/* strerror(3) says that glibc uses a maximum length of 1024 bytes. */
+#define ERRNO_BUF_LEN 1024
+
+/* Note: the lifetime of the compound literal is the immediately surrounding block,
+ * see C11 §6.5.2.5, and
+ * https://stackoverflow.com/questions/34880638/compound-literal-lifetime-and-if-blocks
+ *
+ * Note that we use the GNU variant of strerror_r() here. */
+#define STRERROR(errnum) strerror_r(abs(errnum), (char[ERRNO_BUF_LEN]){}, ERRNO_BUF_LEN)
+
static inline void _reset_errno_(int *saved_errno) {
if (*saved_errno < 0) /* Invalidated by UNPROTECT_ERRNO? */
return;
diff --git a/src/test/meson.build b/src/test/meson.build
index 14b7939b1f..032800dd85 100644
--- a/src/test/meson.build
+++ b/src/test/meson.build
@@ -580,6 +580,8 @@ tests += [
[files('test-errno-list.c') +
generated_gperf_headers],
+ [files('test-errno-util.c')],
+
[files('test-ip-protocol-list.c') +
shared_generated_gperf_headers],
diff --git a/src/test/test-errno-util.c b/src/test/test-errno-util.c
new file mode 100644
index 0000000000..284f451002
--- /dev/null
+++ b/src/test/test-errno-util.c
@@ -0,0 +1,44 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include "errno-util.h"
+#include "stdio-util.h"
+#include "string-util.h"
+#include "tests.h"
+
+TEST(strerror_not_threadsafe) {
+ /* Just check that strerror really is not thread-safe. */
+ log_info("strerror(%d) → %s", 200, strerror(200));
+ log_info("strerror(%d) → %s", 201, strerror(201));
+ log_info("strerror(%d) → %s", INT_MAX, strerror(INT_MAX));
+
+ log_info("strerror(%d), strerror(%d) → %p, %p", 200, 201, strerror(200), strerror(201));
+
+ /* This call is not allowed, because the first returned string becomes invalid when
+ * we call strerror the second time:
+ *
+ * log_info("strerror(%d), strerror(%d) → %s, %s", 200, 201, strerror(200), strerror(201));
+ */
+}
+
+TEST(STRERROR) {
+ /* Just check that STRERROR really is thread-safe. */
+ log_info("STRERROR(%d) → %s", 200, STRERROR(200));
+ log_info("STRERROR(%d) → %s", 201, STRERROR(201));
+ log_info("STRERROR(%d), STRERROR(%d) → %s, %s", 200, 201, STRERROR(200), STRERROR(201));
+
+ const char *a = STRERROR(200), *b = STRERROR(201);
+ assert_se(strstr(a, "200"));
+ assert_se(strstr(b, "201"));
+
+ /* Check with negative values */
+ assert_se(streq(a, STRERROR(-200)));
+ assert_se(streq(b, STRERROR(-201)));
+
+ const char *c = STRERROR(INT_MAX);
+ char buf[DECIMAL_STR_MAX(int)];
+ xsprintf(buf, "%d", INT_MAX); /* INT_MAX is hexadecimal, use printf to convert to decimal */
+ log_info("STRERROR(%d) → %s", INT_MAX, c);
+ assert_se(strstr(c, buf));
+}
+
+DEFINE_TEST_MAIN(LOG_INFO);