1// Copyright (c) 2006-2009 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#if defined(__ANDROID__)
6// Post-L versions of bionic define the GNU-specific strerror_r if _GNU_SOURCE
7// is defined, but the symbol is renamed to __gnu_strerror_r which only exists
8// on those later versions. To preserve ABI compatibility with older versions,
9// undefine _GNU_SOURCE and use the POSIX version.
10#undef _GNU_SOURCE
11#endif
12
13#include "build/build_config.h"
14#include "base/safe_strerror_posix.h"
15
16#include <errno.h>
17#include <stdio.h>
18#include <string.h>
19
20#define USE_HISTORICAL_STRERRO_R (defined(__GLIBC__) || defined(OS_NACL))
21
22#if USE_HISTORICAL_STRERRO_R && defined(__GNUC__)
23// GCC will complain about the unused second wrap function unless we tell it
24// that we meant for them to be potentially unused, which is exactly what this
25// attribute is for.
26#define POSSIBLY_UNUSED __attribute__((unused))
27#else
28#define POSSIBLY_UNUSED
29#endif
30
31#if USE_HISTORICAL_STRERRO_R
32// glibc has two strerror_r functions: a historical GNU-specific one that
33// returns type char *, and a POSIX.1-2001 compliant one available since 2.3.4
34// that returns int. This wraps the GNU-specific one.
35static void POSSIBLY_UNUSED wrap_posix_strerror_r(
36    char *(*strerror_r_ptr)(int, char *, size_t),
37    int err,
38    char *buf,
39    size_t len) {
40  // GNU version.
41  char *rc = (*strerror_r_ptr)(err, buf, len);
42  if (rc != buf) {
43    // glibc did not use buf and returned a static string instead. Copy it
44    // into buf.
45    buf[0] = '\0';
46    strncat(buf, rc, len - 1);
47  }
48  // The GNU version never fails. Unknown errors get an "unknown error" message.
49  // The result is always null terminated.
50}
51#endif  // USE_HISTORICAL_STRERRO_R
52
53// Wrapper for strerror_r functions that implement the POSIX interface. POSIX
54// does not define the behaviour for some of the edge cases, so we wrap it to
55// guarantee that they are handled. This is compiled on all POSIX platforms, but
56// it will only be used on Linux if the POSIX strerror_r implementation is
57// being used (see below).
58static void POSSIBLY_UNUSED wrap_posix_strerror_r(
59    int (*strerror_r_ptr)(int, char *, size_t),
60    int err,
61    char *buf,
62    size_t len) {
63  int old_errno = errno;
64  // Have to cast since otherwise we get an error if this is the GNU version
65  // (but in such a scenario this function is never called). Sadly we can't use
66  // C++-style casts because the appropriate one is reinterpret_cast but it's
67  // considered illegal to reinterpret_cast a type to itself, so we get an
68  // error in the opposite case.
69  int result = (*strerror_r_ptr)(err, buf, len);
70  if (result == 0) {
71    // POSIX is vague about whether the string will be terminated, although
72    // it indirectly implies that typically ERANGE will be returned, instead
73    // of truncating the string. We play it safe by always terminating the
74    // string explicitly.
75    buf[len - 1] = '\0';
76  } else {
77    // Error. POSIX is vague about whether the return value is itself a system
78    // error code or something else. On Linux currently it is -1 and errno is
79    // set. On BSD-derived systems it is a system error and errno is unchanged.
80    // We try and detect which case it is so as to put as much useful info as
81    // we can into our message.
82    int strerror_error;  // The error encountered in strerror
83    int new_errno = errno;
84    if (new_errno != old_errno) {
85      // errno was changed, so probably the return value is just -1 or something
86      // else that doesn't provide any info, and errno is the error.
87      strerror_error = new_errno;
88    } else {
89      // Either the error from strerror_r was the same as the previous value, or
90      // errno wasn't used. Assume the latter.
91      strerror_error = result;
92    }
93    // snprintf truncates and always null-terminates.
94    snprintf(buf,
95             len,
96             "Error %d while retrieving error %d",
97             strerror_error,
98             err);
99  }
100  errno = old_errno;
101}
102
103void safe_strerror_r(int err, char *buf, size_t len) {
104  if (buf == NULL || len <= 0) {
105    return;
106  }
107  // If using glibc (i.e., Linux), the compiler will automatically select the
108  // appropriate overloaded function based on the function type of strerror_r.
109  // The other one will be elided from the translation unit since both are
110  // static.
111  wrap_posix_strerror_r(&strerror_r, err, buf, len);
112}
113
114std::string safe_strerror(int err) {
115  const int buffer_size = 256;
116  char buf[buffer_size];
117  safe_strerror_r(err, buf, sizeof(buf));
118  return std::string(buf);
119}
120