Opened 12 years ago

Closed 12 years ago

#173 closed defect (fixed)

libc: bsdselect (4.4) will corrupt the stack / fail when given more than 64 sockets

Reported by: bird Owned by: bird
Priority: normal Milestone: libc-0.6.3
Component: libc-backend Version: 0.6.2
Severity: normal Keywords: select crash
Cc:

Description

calcsize() in tcpipver.c calculates an fd_set size which is way too small. The cbRet = MAX(cbRet, sizeof(struct my_fd_set)); construct at the end of the function is saving the day for smaller selects, but it will only help up to 64 handles. squid (and probably apache) can easily be pressed to have much more than 64 sockets open (using the ab test tool). squid would either crash in bsdselect or it would return not-a-socket errors which would eventually cause squid to abort.

Change History (1)

comment:1 Changed 12 years ago by bird

  • Resolution set to fixed
  • Status changed from new to closed

(In [3383]) Calculate the correct fd_set size and max handle count for the BSD44 version. Fixes #173.

Note: See TracTickets for help on using tickets.