[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

creat-safer vs. text mode platforms

From: Eric Blake
Subject: creat-safer vs. text mode platforms
Date: Wed, 15 Mar 2006 22:39:55 -0700
User-agent: Thunderbird 1.5 (Windows/20051201)

Hash: SHA1

On non-POSIX platforms like cygwin, where text mode can be distinct from
binary mode, creat() will create a text-mode file.  But in tar, this is
the wrong thing to do, since text mode corrupts the binary archive.
Should we replace all uses of "creat (name, mode)" (such as in
creat-safer.c) with "open (name, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY,
mode)", with O_BINARY properly defined to 0 on POSIX systems?  This would
make no difference in semantics to POSIX platforms, only where binary is
distinct from text.

Or should we just encourage GNU programs to use open instead of creat, so
that they have explicit control over whether the O_BINARY flag is used,
resulting in one less portability gotcha.  If we go for the latter, then
maybe the best implementation of creat in fcntl--.h would be:

#undef creat
#define creat "creat is not predictable on platforms with text mode;" \
              "use open instead" dont_use_creat

to force a syntax error if someone slips up.

Hmm, maybe something similar should be done for the recently removed
asctime_r and ctime_r.  GNU ld already warns about linking inherently
unsafe functions like gets, but does not yet mark asctime_r unsafe;
besides, it would be nice if gnulib could point out unsafe code even when
GNU ld is not in use.

- --
Life is short - so eat dessert first!

Eric Blake             address@hidden
Version: GnuPG v1.4.2.1 (Cygwin)
Comment: Public key at home.comcast.net/~ericblake/eblake.gpg
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


reply via email to

[Prev in Thread] Current Thread [Next in Thread]