Replace some deprecated usages of readdir_r with readdir

sandbox/linux/services/proc_util.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sandbox/linux/services/proc_util.h"
 
 #include <dirent.h>
 #include <errno.h>
 #include <fcntl.h>
 #include <string.h>
@@ skipping 33 matching lines @@
   int proc_self_fd = HANDLE_EINTR(
       openat(proc_fd, "self/fd/", O_DIRECTORY | O_RDONLY | O_CLOEXEC));
   PCHECK(0 <= proc_self_fd);
 
   // Ownership of proc_self_fd is transferred here, it must not be closed
   // or modified afterwards except via dir.
   ScopedDIR dir(fdopendir(proc_self_fd));
   CHECK(dir);
 
   int count = 0;
+#if defined(OS_NACL_NONSFI)

[Jorge Lucangeli Obes, 2016/10/31 15:58:47]

I would add another comment here (and below under the other #if defined()
explaining why this is needed.

Something like:

"NaCl has not implemented readdir(3)."

   struct dirent e;
   struct dirent* de;
   while (!readdir_r(dir.get(), &e, &de) && de) {
-    if (strcmp(e.d_name, ".") == 0 || strcmp(e.d_name, "..") == 0) {
+#else
+  // In all implementations of the C library that Chromium can run with,
+  // concurrent calls to readdir that specify different directory streams are
+  // thread-safe. This is the case here, since the directory stream is scoped to
+  // the current function. See https://codereview.chromium.org/2411833004/#msg3
+  for (struct dirent* de = readdir(dir.get()); de; de = readdir(dir.get())) {
+#endif
+    if (strcmp(de->d_name, ".") == 0 || strcmp(de->d_name, "..") == 0) {
       continue;
     }
 
     int fd_num;
-    CHECK(base::StringToInt(e.d_name, &fd_num));
+    CHECK(base::StringToInt(de->d_name, &fd_num));
     if (fd_num == proc_fd || fd_num == proc_self_fd) {
       continue;
     }
 
     ++count;
   }
   return count;
 }
 
 bool ProcUtil::HasOpenDirectory(int proc_fd) {
   DCHECK_LE(0, proc_fd);
   int proc_self_fd =
       openat(proc_fd, "self/fd/", O_DIRECTORY | O_RDONLY | O_CLOEXEC);
 
   PCHECK(0 <= proc_self_fd);
 
   // Ownership of proc_self_fd is transferred here, it must not be closed
   // or modified afterwards except via dir.
   ScopedDIR dir(fdopendir(proc_self_fd));
   CHECK(dir);
 
+#if defined(OS_NACL_NONSFI)
   struct dirent e;
   struct dirent* de;

[Jorge Lucangeli Obes, 2016/10/31 15:58:47]

This can live outside of the define, can't it?

   while (!readdir_r(dir.get(), &e, &de) && de) {
-    if (strcmp(e.d_name, ".") == 0 || strcmp(e.d_name, "..") == 0) {
+#else
+  // In all implementations of the C library that Chromium can run with,
+  // concurrent calls to readdir that specify different directory streams are
+  // thread-safe. This is the case here, since the directory stream is scoped to
+  // the current function. See https://codereview.chromium.org/2411833004/#msg3
+  for (struct dirent* de = readdir(dir.get()); de; de = readdir(dir.get())) {
+#endif
+    if (strcmp(de->d_name, ".") == 0 || strcmp(de->d_name, "..") == 0) {
       continue;
     }
 
     int fd_num;
-    CHECK(base::StringToInt(e.d_name, &fd_num));
+    CHECK(base::StringToInt(de->d_name, &fd_num));
     if (fd_num == proc_fd || fd_num == proc_self_fd) {
       continue;
     }
 
     struct stat s;
     // It's OK to use proc_self_fd here, fstatat won't modify it.
-    CHECK(fstatat(proc_self_fd, e.d_name, &s, 0) == 0);
+    CHECK(fstatat(proc_self_fd, de->d_name, &s, 0) == 0);
     if (S_ISDIR(s.st_mode)) {
       return true;
     }
   }
 
   // No open unmanaged directories found.
   return false;
 }
 
 bool ProcUtil::HasOpenDirectory() {
   base::ScopedFD proc_fd(
       HANDLE_EINTR(open("/proc/", O_DIRECTORY | O_RDONLY | O_CLOEXEC)));
   return HasOpenDirectory(proc_fd.get());
 }
 
 // static
 base::ScopedFD ProcUtil::OpenProc() {
   return OpenDirectory("/proc/");
 }
 
 }  // namespace sandbox