Updated: April 19, 2023

Verify a client's write access to a resource


#include <sys/iofunc.h>

int iofunc_write_verify( resmgr_context_t* ctp,
                         io_write_t* msg,
                         iofunc_ocb_t* ocb,
                         int* nonblock );


A pointer to a resmgr_context_t structure that the resource-manager library uses to pass context information between functions.
A pointer to the io_write_t structure that contains the message that the resource manager received. For information on this structure, see the Handling the _IO_WRITE message topic in the Writing a Resource Manager guide.
A pointer to the iofunc_ocb_t structure for the Open Control Block that was created when the client opened the resource.
NULL, or a pointer to a location where the function can store a value that indicates whether or not the device is nonblocking:
  • O_NONBLOCK — the client doesn't want to be blocked.
  • Zero — the client wants to be blocked.



Use the -l c option to qcc to link against this library. This library is usually included automatically.


The iofunc_write_verify() function checks that the client _IO_WRITE or _IO_WRITE64 message is well-formed and the operation should be allowed to succeed. This function may update fields for proper behavior. Optionally, it further reports if the operation may be treated as nonblocking.

All write handlers should start with a call to iofunc_write_verify() and proceed only if it returns EOK.

This function checks at least that:
  • the original open included write access
  • the incoming message is well-formed, including that:
    • if an xtype is specified that includes extra data headers, the extra data is in the receive buffer
    • at least as many bytes of data were sent as what was specified in the message
  • the write offset to be used is non-negative
  • this operation is not attempting to write to a directory
  • the file is not on a read-only filesystem
  • on 32-bit systems, an _IO_WRITE64 was not sent
  • on regular files on 32-bit filesystems:
    • the offset to be written to does not exceed INT32_MAX
    • the offset plus number of bytes to be written does not exceed INT32_MAX
This function updates the following:
  • If a non-NULL nonblock pointer is passed in, the value pointed to will be set to 0 if the operation may be allowed to block, and to O_NONBLOCK if the operation should not be allowed to block.
  • If the file was opened with O_APPEND, and the message xtype is not _IO_XTYPE_OFFSET, then the ocb->offset will be set to the size of the file, ocb->attr->nbytes.
  • If the write is to a 32-bit filesystem, and the sum of the offset and the number of bytes to write would have exceeded INT32_MAX, then msg->i.nbytes will be reduced such that this sum is exactly INT32_MAX.
  • If the write is more than zero bytes to an executable file with any setid bits set (e.g., the setuid bit), then all setid bits will be zeroed (unset) in the attribute structure, unless the write is from a root (i.e., an euid of 0) process.


The client is allowed to perform this write operation.
The client didn't open the resource for write access.
The message is improperly formatted or doesn't include enough data.
The offset to be written to is greater than INT32_MAX on a 32-bit filesystem and the write is greater than 0 bytes.
The offset to be written to is negative.
The file is a directory.
An _IO_WRITE64 message was received on a 32-bit system.
The file is on a read-only filesystem.


QNX Neutrino

Cancellation point No
Interrupt handler No
Signal handler No
Thread Yes