xfuncs, bb_ funcs and "nofork/noexec" plans

Denis Vlasenko vda at ilport.com.ua
Fri Mar 10 01:18:00 PST 2006


Hi Rob,

I was thinking about changes needed to implement nofork/noexec
for some trivial applets.

Conditions for an applet to be eligible for it are as follows:

* Do not expect your bss data to be pre-zeroed for you
  (it will be, but on first invocation only)
* Do not exit, ever. You must return from <applet>_main()
* Do not leave malloc'ed blocks unfreed
* Do not leak file descriptors
(did I forget something?)

Many simpler applets typically do not qualify just because
of a few calls to xfuncs. It would be useful if we had an
xfunc equivalent which prints an error message, just like the xfunc
does, but instead of exiting returns an error.

Like this:

void *bb_malloc(size_t size)
{
        void *ptr = malloc(size);
        if (ptr == NULL && size != 0)
                bb_error_msg(bb_msg_memory_exhausted);
        return ptr;
}
void *xmalloc(size_t size)
{
        void *ptr = bb_malloc(size);
        if (!ptr)
                exit(bb_default_error_retval);
        return ptr;
}

What do you think?

Another small matter - doesn't "x" mean "will yell & exit on error"
in the name of an xfunc? Do bb_ functions never exit? We'd better enforce
this (or similar) rule in order to make checking the above four-point
list easier.

Example:

void bb_lookup_host(struct sockaddr_in *s_in, const char *host)
{
        struct hostent *he;

        memset(s_in, 0, sizeof(struct sockaddr_in));
        s_in->sin_family = AF_INET;
        he = xgethostbyname(host);
        memcpy(&(s_in->sin_addr), he->h_addr_list[0], he->h_length);
}

This is a bb_ function, but it calls an xfunc (xgethostbyname) which
can exit:

struct hostent *xgethostbyname(const char *name)
{
        struct hostent *retval;

        if ((retval = gethostbyname(name)) == NULL)
                bb_herror_msg_and_die("%s", name);

        return retval;
}

How would one know that his program can exit here (taken from ftpgetput.c):

        server->s_in = &s_in;
        bb_lookup_host(&s_in, argv[optind]);
        s_in.sin_port = bb_lookup_port(port, "tcp", 21);
        if (verbose_flag) {
                printf("Connecting to %s[%s]:%d\n",
                                argv[optind], inet_ntoa(s_in.sin_addr), ntohs(s_in.sin_port));
        }

It's not immediately obvious!

Will you accept patches which fix such bb_ functions? What name would you prefer?
x_lookup_host? xlookup_host?
--
vda
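
An added example, not code from the post or from BusyBox: once an exiting xfunc is replaced by a returning one, the applet gains an error path that must itself satisfy the "free your blocks" and "do not leak file descriptors" conditions, and the harness below checks the descriptor part in-process. The names noexit_malloc, clean_main, leaky_main and leaks_fd are hypothetical, both applets are constructed, and /dev/null is assumed to exist.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Hypothetical non-exiting allocator, after the post's bb_malloc sketch. */
static void *noexit_malloc(size_t size)
{
    void *ptr = malloc(size);
    if (ptr == NULL && size != 0)
        fprintf(stderr, "memory exhausted\n");
    return ptr;
}
/* Constructed applet: always returns, frees its block, closes its fd. */
static int clean_main(size_t size)
{
    int fd = open("/dev/null", O_WRONLY);
    char *buf = noexit_malloc(size);
    int rc = (fd >= 0 && buf != NULL) ? EXIT_SUCCESS : EXIT_FAILURE;
    free(buf);
    if (fd >= 0) close(fd);
    return rc;
}
/* Constructed applet: the early return on allocation failure leaks fd. */
static int leaky_main(size_t size)
{
    int fd = open("/dev/null", O_WRONLY);
    char *buf = noexit_malloc(size);
    if (buf == NULL) return EXIT_FAILURE;
    free(buf);
    if (fd >= 0) close(fd);
    return EXIT_SUCCESS;
}
/* Run an applet in-process; open() takes the lowest free slot, so a higher probe means a leak. */
static int leaks_fd(int (*applet_main)(size_t), size_t size, int *rc)
{
    int before = open("/dev/null", O_RDONLY), after;
    close(before);
    *rc = applet_main(size);
    close(after = open("/dev/null", O_RDONLY));
    return after > before;
}
/* Constructed input: (size_t)-1 is a size malloc() cannot satisfy. */
int main(void)
{
    int rc1, rc2, l1 = leaks_fd(leaky_main, (size_t)-1, &rc1);
    int l2 = leaks_fd(clean_main, (size_t)-1, &rc2);
    printf("leaky_main rc=%d leak=%d; clean_main rc=%d leak=%d\n", rc1, l1, rc2, l2);
    return 0;
}
```

The probe only sees descriptors left open; a heap checker is still needed for the "no unfreed blocks" condition.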

