1 // Copyright 2011 Google LLC
2 //
3 // Redistribution and use in source and binary forms, with or without
4 // modification, are permitted provided that the following conditions are
5 // met:
6 //
7 // * Redistributions of source code must retain the above copyright
8 // notice, this list of conditions and the following disclaimer.
9 // * Redistributions in binary form must reproduce the above
10 // copyright notice, this list of conditions and the following disclaimer
11 // in the documentation and/or other materials provided with the
12 // distribution.
13 // * Neither the name of Google LLC nor the names of its
14 // contributors may be used to endorse or promote products derived from
15 // this software without specific prior written permission.
16 //
17 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
18 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
19 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
20 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
21 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
22 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
23 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
27 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28
29 // safe_readlink.h: Define the google_breakpad::SafeReadLink function,
30 // which wraps sys_readlink and gurantees the result is NULL-terminated.
31
32 #ifndef COMMON_LINUX_SAFE_READLINK_H_
33 #define COMMON_LINUX_SAFE_READLINK_H_
34
35 #include <stddef.h>
36
37 namespace google_breakpad {
38
39 // This function wraps sys_readlink() and performs the same functionalty,
40 // but guarantees |buffer| is NULL-terminated if sys_readlink() returns
41 // no error. It takes the same arguments as sys_readlink(), but unlike
42 // sys_readlink(), it returns true on success.
43 //
44 // |buffer_size| specifies the size of |buffer| in bytes. As this function
45 // always NULL-terminates |buffer| on success, |buffer_size| should be
46 // at least one byte longer than the expected path length (e.g. PATH_MAX,
47 // which is typically defined as the maximum length of a path name
48 // including the NULL byte).
49 //
50 // The implementation of this function calls sys_readlink() instead of
51 // readlink(), it can thus be used in the context where calling to libc
52 // functions is discouraged.
53 bool SafeReadLink(const char* path, char* buffer, size_t buffer_size);
54
55 // Same as the three-argument version of SafeReadLink() but deduces the
56 // size of |buffer| if it is a char array of known size.
57 template <size_t N>
SafeReadLink(const char * path,char (& buffer)[N])58 bool SafeReadLink(const char* path, char (&buffer)[N]) {
59 return SafeReadLink(path, buffer, sizeof(buffer));
60 }
61
62 } // namespace google_breakpad
63
64 #endif // COMMON_LINUX_SAFE_READLINK_H_
65