ba8f674e15

The current code pads with an extra character that is then rewritten into a null character. This isn't necessary with post-C99 implementations of standardized snprintf, so get rid of it.

Also add a note warning that nk_generate_env() and nk_execute() are not async signal safe and are thus unsuitable for use in multithreaded processes.

nk_execute() could be rewritten to be async signal safe without much trouble, as the only problem point is snprintf() which is not guaranteed to be async signal safe by POSIX. However, nk_generate_env() performs chroot() if a chroot_path is specified, and chroot() is not async signal safe in POSIX. Additionally, malloc() can be called in rare cases where user information fields are very long, and malloc() is obviously not async signal safe. Finally, snprintf() is used here, too, but it could be replaced.

Converting to posix_spawn() is a no-go because posix_spawn() has no facility for changing rlimits or chroot on the spawned process.

In summary, I don't think the gains are worth it. Multithreaded processes should just not fork().

||
---|---|---|
copy_cmdarg.h | ||
exec.c | ||
exec.h | ||
hwrng.c | ||
hwrng.h | ||
io.c | ||
io.h | ||
log.h | ||
net_checksum16.h | ||
privs.c | ||
privs.h | ||
random.c | ||
random.h |