Re: [PATCH] trac#623 : dd_opendir() fails if time file doesn't contain valid time stamp

Wed, 01 Aug 2012 04:52:30 -0700 

On 07/31/2012 05:43 PM, Jakub Filak wrote:
> * the old implementation checks only presence of the time file
> * now we check validity of the time file
> 
> Signed-off-by: Jakub Filak <[email protected]>
> ---
>  src/lib/dump_dir.c |   57 
> +++++++++++++++++++++++++++++++++++++++++++++++++---
>  1 file changed, 54 insertions(+), 3 deletions(-)
> 
> diff --git a/src/lib/dump_dir.c b/src/lib/dump_dir.c
> index eef01f7..e945bad 100644
> --- a/src/lib/dump_dir.c
> +++ b/src/lib/dump_dir.c
> @@ -109,6 +109,57 @@ static bool exist_file_dir(const char *path)
>      return false;
>  }
>  
> +static bool not_valid_time_file(const char *filename)
> +{
> +    /* Open input file, and parse it. */
> +    int fd = open(filename, O_RDONLY);
> +    if (fd < 0)
> +    {
> +        VERB1 log("Unable to open '%s': %s.\n", filename, strerror(errno));

The "\n" is added by log functions themselves. I think you need this:

perror_msg("Can't open '%s'", filename);

> +        return true;
> +    }
> +
> +    off_t size = lseek(fd, 0, SEEK_END);
> +    if (size == (off_t)-1) /* EOVERFLOW? */
> +    {
> +        VERB1 log("Unable to seek in '%s': %s.\n", filename, 
> strerror(errno));
> +        close(fd);
> +        return true;
> +    }
> +
> +    lseek(fd, 0, SEEK_SET); /* No reason to fail. */
> +
> +    static const size_t FILE_SIZE_LIMIT = sizeof(time_t) * 3; /* ~ maximal 
> number of digits */
> +    if (size > FILE_SIZE_LIMIT)
> +    {
> +        VERB1 log("Input file too big (%lld). Maximum size is %zd.\n",
> +                (long long)size, FILE_SIZE_LIMIT);
> +        close(fd);
> +        return true;
> +    }

You do not need to seek. Do read() of sizeof(time_t) * 3 + 2 bytes right away.
If it reads exactly sizeof(time_t) * 3 + 2 bytes, then the file is too big.

> +    char *time_str = xmalloc(size + 1);

Use "char buf[sizeof(time_t) * 3 + 2]" instead: faster than xmalloc+free.

> +    if (size != read(fd, time_str, size))
> +    {
> +        VERB1 log("Unable to read from '%s'.\n", filename);
> +        close(fd);
> +        free(time_str);
> +        return true;
> +    }
> +
> +    /* Just reading, so no need to check the returned value. */
> +    close(fd);

Can have just one close() instead of two:

        ssize_t rdsz = read(fd, time_str, sizeof(buf));
        close(fd);
        if (...) ...

> +
> +    time_str[size] = '\0';
> +
> +    /* range should OK because of file size condition above */
> +    const bool invalidity = !isdigit_str(time_str);
> +
> +    free(time_str);
> +
> +    return invalidity;
> +}

Reply via email to