[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200511061919.jA6JJjDk000766@vaticaan.Holland.Sun.COM>
Date: Sun, 06 Nov 2005 20:19:45 +0100
From: Casper.Dik@....COM
To: Ulrich Drepper <drepper@...il.com>
Cc: Ben Hutchings <ben@...adentplace.org.uk>,
full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Re: [Full-disclosure] Re: readdir_r considered harmful
>On 11/6/05, Casper.Dik@....com <Casper.Dik@....com> wrote:
>> I don't see how that is relevant; the typical use of readdir() is as follows:
>>
>> DIR *dirp = opendir(name);
>>
>> while ((dent = readdir(dirp)) != NULL) {
>> ...
>> }
>>
>> closedir(dirp);
>>
>> Nothing other threads do with readdir() on different dirp's will influence
>> what "dent" points to.
>
>The issue is multiple threads using the same DIR.
No, it isn't. I certainly limited the scope of my contribution to
single threads reading from a DIR.
All the 80-odd uses of readdir_r() in the Solaris core source code,
all can (and should) be replaced with readdir(). All have a single
thread reading and reusing the same "struct dirent", so readdir()
could be used in POSIXly correct fashion if the following sentence
in the open group's manual page was not present:
"The readdir() function need not be reentrant. A function that is not
required to be reentrant is not required to be thread-safe."
I believe that this is an error in POSIX; when "threadedness" was added
the manual page could have been changed to indicate that a single
thread using the above idiom was safe.
Had they done so, we would never have had to use readdir_r() and progammers
would not have introduced bugs in the (mis)use of pathconf, over allocating,
etc.
I would be interested in seeing any real-world use of readdir_r() in
a context where readdir_r() is required (multiple threads reading from
a single DIR *).
Casper
Powered by blists - more mailing lists