diff options
| author | bors[bot] <26634292+bors[bot]@users.noreply.github.com> | 2020-05-12 04:50:19 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-05-12 04:50:19 +0000 |
| commit | 33f4efe6cfebf7b80df78355173eb481ea348285 (patch) | |
| tree | 610ed154ec8f93b188b129c18d865447ca89eb45 /src/sys | |
| parent | 095b5be1532dabbf97208158c8a9edb15dbb7e21 (diff) | |
| parent | dfee424c025bfd921a9a3e56ac786ed778bb91e1 (diff) | |
| download | nix-33f4efe6cfebf7b80df78355173eb481ea348285.zip | |
Merge #1231
1231: Add support for reading symlinks longer than `PATH_MAX` to `readlink` and `readlinkat` r=asomers a=SolraBizna
This is in response to issue #1178.
The new logic uses the following approach.
- At any time, if `readlink` returns an error, or a value ≥ 0 and < (not ≤!) the buffer size, we're done.
- Attempt to `readlink` into a `PATH_MAX` sized buffer. (This will almost always succeed, and saves a system call over calling `lstat` first.)
- Try to `lstat` the link. If it succeeds and returns a sane value, allocate the buffer to be that large plus one byte. Otherwise, allocate the buffer to be `PATH_MAX.max(128) << 1` bytes.
- Repeatedly attempt to `readlink`. Any time its result is ≥ (not >!) the buffer size, double the buffer size and try again.
While testing this, I discovered that ext4 doesn't allow creation of a symlink > 4095 (Linux's `PATH_MAX` minus one) bytes long. This is in spite of Linux happily allowing paths in other contexts to be longer than this—including on ext4! This was probably instated to avoid breaking programs that assume `PATH_MAX` will always be enough, but ironically hindered my attempt to test support for *not* assuming. I tested the code using an artificially small `PATH_MAX` and (separately) a wired-to-fail `lstat`. `strace` showed the code behaving precisely as expected. Unfortunately, I can't add an automatic test for this.
Other changes made by this PR:
- `wrap_readlink_result` now calls `shrink_to_fit` on the buffer before returning, potentially reclaiming kilobytes of memory per call. This could be very important if the returned buffer is long-lived.
- `readlink` and `readlink_at` now both call an `inner_readlink` function that contains the bulk of the logic, avoiding copy-pasting of code. (This is much more important now that the logic is more than a few lines long.)
Notably, this PR does *not* add support for systems that don't define `PATH_MAX` at all. As far as I know, I don't have access to any POSIX-ish OS that doesn't have `PATH_MAX`, and I suspect it would have other compatibility issues with `nix` anyway.
Co-authored-by: Solra Bizna <solra@bizna.name>
Diffstat (limited to 'src/sys')
0 files changed, 0 insertions, 0 deletions