From e70e42fa664efe82ca3cfd98d14ef8933b1d6d5f Mon Sep 17 00:00:00 2001
From: Jim Meyering <jim@meyering.net>
Date: Sun, 6 Oct 2002 14:55:01 +0000
Subject: [PATCH] (safe_read): Change type of function from ssize_t to size_t.

---
 lib/safe-read.c | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/lib/safe-read.c b/lib/safe-read.c
index adfd86f5db..134b80454c 100644
--- a/lib/safe-read.c
+++ b/lib/safe-read.c
@@ -21,6 +21,7 @@
 #endif
 
 #include <sys/types.h>
+#include <stdlib.h>
 
 #if HAVE_UNISTD_H
 # include <unistd.h>
@@ -34,14 +35,25 @@ extern int errno;
 #include "safe-read.h"
 
 /* Read LEN bytes at PTR from descriptor DESC, retrying if interrupted.
-   Return the actual number of bytes read, zero for EOF, or -1 upon error.  */
+   Return the actual number of bytes read, zero upon EOF,
+   or SAFE_READ_ERROR upon error.
+   Abort if LEN is SAFE_READ_ERROR (aka `(size_t) -1').
 
-ssize_t
+   WARNING: although both LEN and the return value are of type size_t,
+   the range of the return value is restricted -- by virtue of being
+   returned from read(2) -- and will never be larger than SSIZE_MAX,
+   with the exception of SAFE_READ_ERROR, of course.
+   So don't test `safe_read (..., N) == N' unless you're sure that
+   N <= SSIZE_MAX.  */
+
+size_t
 safe_read (int desc, void *ptr, size_t len)
 {
   ssize_t n_chars;
 
-  if (len <= 0)
+  if (len == SAFE_READ_ERROR)
+    abort ();
+  if (len == 0)
     return len;
 
 #ifdef EINTR
-- 
2.47.2