mirror of
https://github.com/git/git.git
synced 2024-04-28 10:55:11 +02:00
tempfile: avoid "ferror | fclose" trick
The current code wants to record an error condition from either ferror() or fclose(), but makes sure that we always call both functions. So it can't use logical-OR "||", which would short-circuit when ferror() is true. Instead, it uses bitwise-OR "|" to evaluate both functions and set one or more bits in the "err" flag if they reported a failure. Unlike logical-OR, though, bitwise-OR does not introduce a sequence point, and the order of evaluation for its operands is unspecified. So a compiler would be free to generate code which calls fclose() first, and then ferror() on the now-freed filehandle. There's no indication that this has happened in practice, but let's write it out in a way that follows the standard. Noticed-by: Andreas Schwab <schwab@linux-m68k.org> Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Jeff King
Junio C Hamano
parent
c3808ca698
commit
0838cbc22f
|
|
@ -247,12 +247,8 @@ int close_tempfile(struct tempfile *tempfile)
|
|||
tempfile->fd = -1;
|
||||
if (fp) {
|
||||
tempfile->fp = NULL;
|
||||
|
||||
/*
|
||||
* Note: no short-circuiting here; we want to fclose()
|
||||
* in any case!
|
||||
*/
|
||||
err = ferror(fp) | fclose(fp);
|
||||
err = ferror(fp);
|
||||
err |= fclose(fp);
|
||||
} else {
|
||||
err = close(fd);
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue