openat, save-cwd: avoid xmalloc

This removes a direct (but undocumented) dependency of openat on
xalloc, along with an indirect dependency via save-cwd.  It also
removes a dependency of save-cwd on xgetcwd, and thereby
indirectly on xalloc.  This change causes the openat substitute
to fall back on save_cwd when memory is tight, and for save_cwd to
fail instead of dying when memory is tight, but that's good enough.

* lib/openat-proc.c: Include stdlib.h (for malloc), not
xalloc.h (for xmalloc).
(openat_proc_name): Use malloc, not xmalloc.
* lib/save-cwd.c (save_cwd): Use getcwd, not xgetcwd.
* modules/save-cwd (Files): Depend on getcwd, not xgetcwd.

ChangeLog

@@ -1,5 +1,20 @@
 2011-01-11  Paul Eggert  <eggert@cs.ucla.edu>
 
+	openat, save-cwd: avoid xmalloc
+
+	This removes a direct (but undocumented) dependency of openat on
+	xalloc, along with an indirect dependency via save-cwd.  It also
+	removes a dependency of save-cwd on xgetcwd, and thereby
+	indirectly on xalloc.  This change causes the openat substitute
+	to fall back on save_cwd when memory is tight, and for save_cwd to
+	fail instead of dying when memory is tight, but that's good enough.
+
+	* lib/openat-proc.c: Include stdlib.h (for malloc), not
+	xalloc.h (for xmalloc).
+	(openat_proc_name): Use malloc, not xmalloc.
+	* lib/save-cwd.c (save_cwd): Use getcwd, not xgetcwd.
+	* modules/save-cwd (Files): Depend on getcwd, not xgetcwd.
+
 	openat: Increase OPENAT_BUFFER_SIZE from 512 to at least 1024
 	This avoids heap allocation for file names whose lengths are in
 	the range 512..1023, with the upper bound increasing to at most

lib/openat-proc.c

@@ -26,13 +26,13 @@
 #include <fcntl.h>
 
 #include <stdio.h>
+#include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
 
 #include "dirname.h"
 #include "intprops.h"
 #include "same-inode.h"
-#include "xalloc.h"
 
 /* The results of open() in this file are not used with fchdir,
    and we do not leak fds to any single-threaded code that could use stdio,
@@ -52,7 +52,8 @@
 /* Set BUF to the expansion of PROC_SELF_FD_FORMAT, using FD and FILE
    respectively for %d and %s.  If successful, return BUF if the
    result fits in BUF, dynamically allocated memory otherwise.  But
-   return NULL if /proc is not reliable.  */
+   return NULL if /proc is not reliable, either because the operating
+   system support is lacking or because memory is low.  */
 char *
 openat_proc_name (char buf[OPENAT_BUFFER_SIZE], int fd, char const *file)
 {
@@ -98,7 +99,13 @@ openat_proc_name (char buf[OPENAT_BUFFER_SIZE], int fd, char const *file)
   else
     {
       size_t bufsize = PROC_SELF_FD_NAME_SIZE_BOUND (strlen (file));
-      char *result = (bufsize < OPENAT_BUFFER_SIZE ? buf : xmalloc (bufsize));
+      char *result = buf;
+      if (OPENAT_BUFFER_SIZE < bufsize)
+        {
+          result = malloc (bufsize);
+          if (! result)
+            return NULL;
+        }
       sprintf (result, PROC_SELF_FD_FORMAT, fd, file);
       return result;
     }

lib/save-cwd.c

@@ -54,7 +54,7 @@
 /* Record the location of the current working directory in CWD so that
    the program may change to other directories and later use restore_cwd
    to return to the recorded location.  This function may allocate
-   space using malloc (via xgetcwd) or leave a file descriptor open;
+   space using malloc (via getcwd) or leave a file descriptor open;
    use free_cwd to perform the necessary free or close.  Upon failure,
    no memory is allocated, any locally opened file descriptors are
    closed;  return non-zero -- in that case, free_cwd need not be
@@ -81,7 +81,7 @@ save_cwd (struct saved_cwd *cwd)
     cwd->desc = fd_safer (cwd->desc);
   if (cwd->desc < 0)
     {
-      cwd->name = xgetcwd ();
+      cwd->name = getcwd (NULL, 0);
       return cwd->name ? 0 : -1;
     }
 

modules/save-cwd

@@ -9,9 +9,9 @@ m4/save-cwd.m4
 Depends-on:
 chdir-long
 cloexec
+getcwd
 stdbool
 unistd-safer
-xgetcwd
 
 configure.ac:
 gl_SAVE_CWD