This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: FD_SET and FORTIFY_SOURCE

From: Florian Weimer <fweimer at redhat dot com>
To: Rich Felker <dalias at aerifal dot cx>
Cc: libc-alpha at sourceware dot org
Date: Thu, 28 Feb 2013 17:24:18 +0100
Subject: Re: FD_SET and FORTIFY_SOURCE
References: <512F0CC6.8080302@redhat.com> <20130228134139.GL20323@brightrain.aerifal.cx>

On 02/28/2013 02:41 PM, Rich Felker wrote:

The problem is that a large amount of otherwise-correct software uses
malloc and out-of-bounds FD_SET arguments to work with sets larger
than FD_SETSIZE. I have written on the issue before that the "correct"
way to do this is allocate an array of fd_set objects and use / and %
to address the bit rather than passing an out-of-bounds argument to
FD_SET (which invokes UB), but some important software like libevent
(if I remember correctly) remains wrong in this regard.

The order of bits is unspecified. The fd_set elements are typically words, not bytes, and the bit order of the two access patterns differs on big-endian machines. (I believe this has been used as an argument that little-endian is the natural order, the Internet not withstanding.) I can't believe that your kludge is actually more portable than just requiring poll support. 8-)

(Writing a poll emulation on top of select isn't that hard, if you need it.)

--
Florian Weimer / Red Hat Product Security Team

Follow-Ups:
- Re: FD_SET and FORTIFY_SOURCE
  - From: Rich Felker
- Re: FD_SET and FORTIFY_SOURCE
  - From: KOSAKI Motohiro

References:
- FD_SET and FORTIFY_SOURCE
  - From: Florian Weimer
- Re: FD_SET and FORTIFY_SOURCE
  - From: Rich Felker

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]