Home page logo

bugtraq logo Bugtraq mailing list archives

Re: SECURITY.NNOV: Multiple applications fd_set structure bitmap array index overflow
From: Casper.Dik () Sun COM
Date: Sun, 30 Jan 2005 18:43:08 +0100

from linux/posix_types/h:
#undef      __FD_SETSIZE
#define     __FD_SETSIZE   1024

Well, you *can* change it, but it requires a recompile of the kernel and 
all userland programs that create an fd_set.

Which is generally true for most Unix systems; traditionallly you can
redefine FD_SETSIZE for a larger set but you're limited by kernel
support (or libc support, as the case may be)

In this regard, windows did get it right. However, the earlier comment 
on using the windows async sockets is spot on, if you want performance. 
Windows fd_set's are structured more like unix poll() arrays (un-ordered 
array of fd's) and are not very efficient if there are many sockets on 
one set. Also, a linux fd_set limits the fd *value* to < 1024, not just 
the number of fd's in the set. So it's possible to only want to put one 
fd on a fd_set but be unable to do so if it's value is > FD_SETSIZE 
(which can be done by increasing the maximum number of file handles a 
process is permitted to open).

Which is why poll(2) is the superior interface; but event driven
machnisms are in the end the best.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]