Re: [Gluster-devel] glfs_readdir_r is painful

[Eric Blake]

On 10/30/2013 11:18 AM, Eric Blake wrote:

> The only safe way to use readdir_r is to know the maximum d_name that
> can possibly be returned, but there is no glfs_fpathconf() for
> determining that information.  Your example usage of glfs_readdir_r()
> suggests that 512 bytes is large enough:
> https://forge.gluster.org/glusterfs-core/glusterfs/blobs/f44ada6cd9bcc5ab98ca66bedde4fe23dd1c3f05/api/examples/glfsxmp.c
> but I don't know if that is true.

Okay, after a bit more investigation, I see:

gf_dirent_to_dirent (gf_dirent_t *gf_dirent, struct dirent *dirent)
{
        dirent->d_ino = gf_dirent->d_ino;

#ifdef _DIRENT_HAVE_D_OFF
        dirent->d_off = gf_dirent->d_off;
#endif

#ifdef _DIRENT_HAVE_D_TYPE
        dirent->d_type = gf_dirent->d_type;
#endif

#ifdef _DIRENT_HAVE_D_NAMLEN
        dirent->d_namlen = strlen (gf_dirent->d_name);
#endif

        strncpy (dirent->d_name, gf_dirent->d_name, 256);
}

I also discovered that 'getconf NAME_MAX /path/to/xfs/mount' is 255, so
it looks like you got lucky (although strncpy is generally unsafe
because it fails to write a NUL terminator if you truncate the string,
it looks like you are guaranteed by XFS to never have a string that
needs truncation).

>  You _do_ have the advantage that
> since every brick backing a glusterfs volume is using an xfs file
> system, then you only have to worry about the NAME_MAX of xfs - but I
> don't know that value off the top of my head.

Again, my research shows it is 255.

>  Can you please let me
> know how big I should make my struct dirent to avoid buffer overflow,
> and properly document this in <glusterfs/api/glfs.h>?  Furthermore, can
> you please provide a much saner glfs_readdir() so I don't have to worry
> about contortions of using a broken-by-design function?

These requests are still in force.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

signature.asc
Description: OpenPGP digital signature