There seems to me to be a race condition in the design of the extattr(2) interface. I can't imagine I am the first person to notice this, but I have not been able to find any discussion of it, so I mention it.
To read an attribute, I have to first call
to obtain its length, then call
to read it. If the attribute changes between the two calls to a longer value, I will read data which is in an inconsistent state, and not be aware of it.
One way to work around it would be to always call
and repeat if length-extension is detected, but it seems like a clunky way of doing it.
The issue could easily be resolved in one of many ways, by some locking or snapshotting mechanism, e.g. by adding a call like this to the interface:
A subsequent read of the attribute would release the snapshot. Existing code would not be affected.
To read an attribute, I have to first call
Code:
len = extattr_get_file (path, attrnamespace, attrname, NULL, 0)
Code:
extattr_get_file (path, attrnamespace, attrname, buf, len)One way to work around it would be to always call
Code:
extattr_get_file (path, attrnamespace, attrname, buf, len+1)The issue could easily be resolved in one of many ways, by some locking or snapshotting mechanism, e.g. by adding a call like this to the interface:
Code:
int extattr_snapshot_and_getlen_file (const char *path, int attrnamespace, const char *attrname);A subsequent read of the attribute would release the snapshot. Existing code would not be affected.
