Re: Openat without die

[Paul Eggert]

On 01/11/11 12:38, Jim Meyering wrote:
> That looks fine.  Thanks!

OK, thanks, on further inspection I found one problem with it:
save-cwd needs to depend on getcwd, for portability to hosts
with inadequate getcwd implementations.  So I pushed
this slightly-different patch with that in mind.

>From a9f3cda382d5e435d10a752193ac9afbd1dbe636 Mon Sep 17 00:00:00 2001
From: Paul Eggert <address@hidden>
Date: Tue, 11 Jan 2011 10:42:55 -0800
Subject: [PATCH] openat, save-cwd: avoid xmalloc

This removes a direct (but undocumented) dependency of openat on
xalloc, along with an indirect dependency via save-cwd.  It also
removes a dependency of save-cwd on xgetcwd, and thereby
indirectly on xalloc.  This change causes the openat substitute
to fall back on save_cwd when memory is tight, and for save_cwd to
fail instead of dying when memory is tight, but that's good enough.

* lib/openat-proc.c: Include stdlib.h (for malloc), not
xalloc.h (for xmalloc).
(openat_proc_name): Use malloc, not xmalloc.
* lib/save-cwd.c (save_cwd): Use getcwd, not xgetcwd.
* modules/save-cwd (Files): Depend on getcwd, not xgetcwd.
---
 ChangeLog         |   15 +++++++++++++++
 lib/openat-proc.c |   13 ++++++++++---
 lib/save-cwd.c    |    4 ++--
 modules/save-cwd  |    2 +-
 4 files changed, 28 insertions(+), 6 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index f8cd305..2327bfe 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,20 @@
 2011-01-11  Paul Eggert  <address@hidden>
 
+       openat, save-cwd: avoid xmalloc
+
+       This removes a direct (but undocumented) dependency of openat on
+       xalloc, along with an indirect dependency via save-cwd.  It also
+       removes a dependency of save-cwd on xgetcwd, and thereby
+       indirectly on xalloc.  This change causes the openat substitute
+       to fall back on save_cwd when memory is tight, and for save_cwd to
+       fail instead of dying when memory is tight, but that's good enough.
+
+       * lib/openat-proc.c: Include stdlib.h (for malloc), not
+       xalloc.h (for xmalloc).
+       (openat_proc_name): Use malloc, not xmalloc.
+       * lib/save-cwd.c (save_cwd): Use getcwd, not xgetcwd.
+       * modules/save-cwd (Files): Depend on getcwd, not xgetcwd.
+
        openat: Increase OPENAT_BUFFER_SIZE from 512 to at least 1024
        This avoids heap allocation for file names whose lengths are in
        the range 512..1023, with the upper bound increasing to at most
diff --git a/lib/openat-proc.c b/lib/openat-proc.c
index 51a8aa2..34c74a7 100644
--- a/lib/openat-proc.c
+++ b/lib/openat-proc.c
@@ -26,13 +26,13 @@
 #include <fcntl.h>
 
 #include <stdio.h>
+#include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
 
 #include "dirname.h"
 #include "intprops.h"
 #include "same-inode.h"
-#include "xalloc.h"
 
 /* The results of open() in this file are not used with fchdir,
    and we do not leak fds to any single-threaded code that could use stdio,
@@ -52,7 +52,8 @@
 /* Set BUF to the expansion of PROC_SELF_FD_FORMAT, using FD and FILE
    respectively for %d and %s.  If successful, return BUF if the
    result fits in BUF, dynamically allocated memory otherwise.  But
-   return NULL if /proc is not reliable.  */
+   return NULL if /proc is not reliable, either because the operating
+   system support is lacking or because memory is low.  */
 char *
 openat_proc_name (char buf[OPENAT_BUFFER_SIZE], int fd, char const *file)
 {
@@ -98,7 +99,13 @@ openat_proc_name (char buf[OPENAT_BUFFER_SIZE], int fd, char 
const *file)
   else
     {
       size_t bufsize = PROC_SELF_FD_NAME_SIZE_BOUND (strlen (file));
-      char *result = (bufsize < OPENAT_BUFFER_SIZE ? buf : xmalloc (bufsize));
+      char *result = buf;
+      if (OPENAT_BUFFER_SIZE < bufsize)
+        {
+          result = malloc (bufsize);
+          if (! result)
+            return NULL;
+        }
       sprintf (result, PROC_SELF_FD_FORMAT, fd, file);
       return result;
     }
diff --git a/lib/save-cwd.c b/lib/save-cwd.c
index be35192..099ab2e 100644
--- a/lib/save-cwd.c
+++ b/lib/save-cwd.c
@@ -54,7 +54,7 @@
 /* Record the location of the current working directory in CWD so that
    the program may change to other directories and later use restore_cwd
    to return to the recorded location.  This function may allocate
-   space using malloc (via xgetcwd) or leave a file descriptor open;
+   space using malloc (via getcwd) or leave a file descriptor open;
    use free_cwd to perform the necessary free or close.  Upon failure,
    no memory is allocated, any locally opened file descriptors are
    closed;  return non-zero -- in that case, free_cwd need not be
@@ -81,7 +81,7 @@ save_cwd (struct saved_cwd *cwd)
     cwd->desc = fd_safer (cwd->desc);
   if (cwd->desc < 0)
     {
-      cwd->name = xgetcwd ();
+      cwd->name = getcwd (NULL, 0);
       return cwd->name ? 0 : -1;
     }
 
diff --git a/modules/save-cwd b/modules/save-cwd
index aab5e5e..e8bf8c4 100644
--- a/modules/save-cwd
+++ b/modules/save-cwd
@@ -9,9 +9,9 @@ m4/save-cwd.m4
 Depends-on:
 chdir-long
 cloexec
+getcwd
 stdbool
 unistd-safer
-xgetcwd
 
 configure.ac:
 gl_SAVE_CWD
-- 
1.7.3