Mercurial > dovecot > core-2.2

changeset 827:0450b8c216e8 HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
select() based I/O-loop: Kill ourself if we're trying to use more than FD_SETSIZE (1024) fds. Before we just overflowed fd_set buffer, but it's unlikely it could have been exploited. Default settings prevented this from happening anyway.
author Timo Sirainen <tss@iki.fi>
date Sat, 21 Dec 2002 15:38:00 +0200
parents ca927eb6202f
children 774f32498a7f
files src/lib/ioloop-select.c
diffstat 1 files changed, 11 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/src/lib/ioloop-select.c	Sat Dec 21 15:12:16 2002 +0200
+++ b/src/lib/ioloop-select.c	Sat Dec 21 15:38:00 2002 +0200
@@ -34,6 +34,10 @@
 #include <sys/time.h>
 #include <unistd.h>
 
+#ifndef FD_SETSIZE
+#  define FD_SETSIZE 1024
+#endif
+
 struct _IOLoopHandlerData {
 	fd_set read_fds, write_fds;
 };
@@ -54,6 +58,11 @@
 
 void io_loop_handle_add(IOLoop ioloop, int fd, int condition)
 {
+	i_assert(fd >= 0);
+
+	if (fd >= FD_SETSIZE)
+		i_fatal("fd %d too large for select()", fd);
+
         if (condition & IO_READ)
 		FD_SET(fd, &ioloop->handler_data->read_fds);
         if (condition & IO_WRITE)
@@ -62,6 +71,8 @@
 
 void io_loop_handle_remove(IOLoop ioloop, int fd, int condition)
 {
+	i_assert(fd >= 0 && fd < FD_SETSIZE);
+
         if (condition & IO_READ)
 		FD_CLR(fd, &ioloop->handler_data->read_fds);
         if (condition & IO_WRITE)