some more C-lib specific advice

Huzaifa Sidhpurwala 2021-09-18 11:00:46 +05:30
parent bce3587ece
commit 2620802c9f

@ -289,6 +289,7 @@ them to find out what the length actually means.
=== Using tricky syscalls or library functions
==== `readlink`
This is the hardest system call to use correctly because of everything you have to do
* The buf should be of PATH_MAX length, that includes space for the terminating NUL character.
* The bufsize should be `sizeof(buf) - 1`
* `readlink` return value should be caught as a signed integer (ideally type `ssize_t`).
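Review bot: The intro sentence "This is the hardest system call to use correctly because of everything you have to do" runs straight into the bullet list with no terminal punctuation; end it with a colon so it reads as the lead-in to the list. In the bullets below it, `PATH_MAX` should be in backticks like `sizeof(buf) - 1` and `ssize_t` are. The first two bullets would also be easier to follow if they said why one byte is held back: `readlink` does not write a terminating NUL, so the caller has to add it at the returned length after checking the return value for -1. If that step is already in the part of the list this hunk does not show, a short cross-reference is enough.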
@ -304,4 +305,7 @@ This is the hardest system call to use correctly because of everything you have
* If `S_ISLNK` macro is used, the stat buffer MUST come from lstat or from fstatat with `AT_SYMLINK_NOFOLLOW`
* If you are doing something really important, call fstat after opening and compare the before and after stat buffers before trusting them.
=== `setgid`, `setuid`:
* Call these in the right order: groups and then uid.
* Always check the return code.
* If `setgid` & `setuid` are used, supplemental groups are not reset. This must be done with setgroups or initgroups before the uid change.
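Review bot: The heading "=== `setgid`, `setuid`:" is one level higher than "==== `readlink`", so it renders as a sibling of "Using tricky syscalls or library functions" instead of as an entry under it; use "====" and drop the trailing colon to match the `readlink` heading. The first and last bullets also describe one ordering in two places: "groups and then uid" does not mention supplementary groups, and the reader only learns about `setgroups`/`initgroups` two bullets later. Consider stating the full sequence once in the first bullet (supplementary groups via `setgroups` or `initgroups`, then `setgid`, then `setuid`) and saying that the return value of each of those calls must be checked. `setgroups`, `initgroups`, `lstat`, `fstatat` and `fstat` should be in backticks for consistency with the other function names.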