[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
error-protected OPEN isn't a good way to fake a probe
|Date: Mon, 8 Apr 85 14:33 EST
|From: David A. Moon <Moon@SCRC-STONY-BROOK.ARPA>
|Subject: Probe-File and proposed extension.
|To: Rob MacLachlan <RAM@CMU-CS-C.ARPA>
| There needs to be some way to determine whether a file name is
| legal for output.
|What's wrong with calling OPEN and handling the error when it fails? Since
|I don't understand the desired application, I don't know whether my question
That's unacceptable. Suppose you have an application program that
wants to write two output files (for example, binary and listing
output from assembler or compiler) under luser-control (one or both
names might be wrong, and this is common enough to protect against in
a clean way). The program wants to check both files for validity
before opening either. If you handle error when OPEN fails, then if
the first name is good and the second bad, by the time you find out
the second is bad you have already made the mistake of starting to
create the first file when the process can't finish and the file must
then be garbage. It is therefore necessary to probe both files before
opening either (or at least probe all but one and then
error-protected-OPEN the remaining; but probing all of them is cleaner).