Opened 13 years ago

Closed 13 years ago

#173 closed defect (fixed)

libc: bsdselect (4.4) will corrupt the stack / fail when given more than 64 sockets

Reported by: bird Owned by: bird
Priority: normal Milestone: libc-0.6.3
Component: libc-backend Version: 0.6.2
Severity: normal Keywords: select crash


calcsize() in tcpipver.c calculates an fd_set size which is way too small. The cbRet = MAX(cbRet, sizeof(struct my_fd_set)); construct at the end of the function is saving the day for smaller selects, but it will only help up to 64 handles. squid (and probably apache) can easily be pressed to have much more than 64 sockets open (using the ab test tool). squid would either crash in bsdselect or it would return not-a-socket errors which would eventually cause squid to abort.

Change History (1)

comment:1 Changed 13 years ago by bird

Resolution: fixed
Status: newclosed

(In [3383]) Calculate the correct fd_set size and max handle count for the BSD44 version. Fixes #173.

Note: See TracTickets for help on using tickets.