(safe_read): Change type of function from ssize_t to size_t.

author Jim Meyering <jim@meyering.net>

Sun, 6 Oct 2002 14:55:01 +0000 (14:55 +0000)

committer Jim Meyering <jim@meyering.net>

Sun, 6 Oct 2002 14:55:01 +0000 (14:55 +0000)
author Jim Meyering <jim@meyering.net>
Sun, 6 Oct 2002 14:55:01 +0000 (14:55 +0000)
committer Jim Meyering <jim@meyering.net>
Sun, 6 Oct 2002 14:55:01 +0000 (14:55 +0000)
diff --git a/lib/safe-read.c b/lib/safe-read.c

index adfd86f5dbdbb2a8eeb42c6bc2e0be25f1821330..134b80454c1c5d90c6765217e3b66f26fb3e0c9d 100644 (file)
--- a/lib/safe-read.c
+++ b/lib/safe-read.c
@@ -21,6 +21,7 @@
  #endif
  
  #include <sys/types.h>
+#include <stdlib.h>
  
  #if HAVE_UNISTD_H
  # include <unistd.h>
@@ -34,14 +35,25 @@ extern int errno;
  #include "safe-read.h"
  
  /* Read LEN bytes at PTR from descriptor DESC, retrying if interrupted.
-   Return the actual number of bytes read, zero for EOF, or -1 upon error.  */
+   Return the actual number of bytes read, zero upon EOF,
+   or SAFE_READ_ERROR upon error.
+   Abort if LEN is SAFE_READ_ERROR (aka `(size_t) -1').
  
-ssize_t
+   WARNING: although both LEN and the return value are of type size_t,
+   the range of the return value is restricted -- by virtue of being
+   returned from read(2) -- and will never be larger than SSIZE_MAX,
+   with the exception of SAFE_READ_ERROR, of course.
+   So don't test `safe_read (..., N) == N' unless you're sure that
+   N <= SSIZE_MAX.  */
+
+size_t
  safe_read (int desc, void *ptr, size_t len)
  {
    ssize_t n_chars;
  
-  if (len <= 0)
+  if (len == SAFE_READ_ERROR)
+    abort ();
+  if (len == 0)
      return len;
  
  #ifdef EINTR
author	Jim Meyering <jim@meyering.net>
	Sun, 6 Oct 2002 14:55:01 +0000 (14:55 +0000)
committer	Jim Meyering <jim@meyering.net>
	Sun, 6 Oct 2002 14:55:01 +0000 (14:55 +0000)