Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20210226180040.GC32655@brightrain.aerifal.cx>
Date: Fri, 26 Feb 2021 13:00:40 -0500
From: Rich Felker <dalias@...c.org>
To: Dominic Chen <d.c.ddcc@...il.com>
Cc: musl@...ts.openwall.com
Subject: Re: fdopen() doesn't check for valid fd

On Fri, Feb 26, 2021 at 12:36:19PM -0500, Dominic Chen wrote:
> I've been verifying the behavior of an application between glibc and
> musl, and have noticed that the musl implementation of fdopen()
> assumes that the input fd is valid, whereas glibc does not. Per
> https://pubs.opengroup.org/onlinepubs/9699919799/, it seems that
> fdopen() is allowed to fail with EBADF, so inside __fdopen(), the
> syscalls to SYS_fcntl and SYS_ioctl should probably check for an
> error, deallocate the FILE *, and return nullptr.

This is specified as a "may fail" error not a "shall fail". It was
discussed before (I can look up the old thread if you're interested)
and there are some paths in which checking for it would be free, but
others where it would not, and it would require reorganizing the
function's flow in a way that's less desirable in one way or another,
so it doesn't seem like a good idea for the sake of something a caller
can't actually use.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.