From owner-freebsd-hackers Sat Jun 21 01:58:31 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id BAA19801 for hackers-outgoing; Sat, 21 Jun 1997 01:58:31 -0700 (PDT) Received: from verdi.nethelp.no (verdi.nethelp.no [195.1.171.130]) by hub.freebsd.org (8.8.5/8.8.5) with SMTP id BAA19796 for ; Sat, 21 Jun 1997 01:58:27 -0700 (PDT) From: sthaug@nethelp.no Received: (qmail 23112 invoked by uid 1001); 21 Jun 1997 08:58:23 +0000 (GMT) To: jkh@time.cdrom.com Cc: marcs@znep.com, hackers@FreeBSD.ORG Subject: Re: gethostbyname() and fds >255 In-Reply-To: Your message of "Sat, 21 Jun 1997 01:08:36 -0700" References: <28274.866880516@time.cdrom.com> X-Mailer: Mew version 1.05+ on Emacs 19.28.2 Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Date: Sat, 21 Jun 1997 10:58:23 +0200 Message-ID: <23110.866883503@verdi.nethelp.no> Sender: owner-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > > For comparison, it works fine on BSD/OS 2.1. Does it work in -current? > > It would appear to: > > 396: host = 198.161.84.2 (valis.worldgate.com) > 397: host = 198.161.84.2 (valis.worldgate.com) > 398: host = 198.161.84.2 (valis.worldgate.com) > 399: host = 198.161.84.2 (valis.worldgate.com) > root@make-> uname -a > FreeBSD make.ican.net 3.0-CURRENT FreeBSD 3.0-CURRENT #0: Mon Jun 16 13:10:14 EDT 1997 jkh@make.ican.net:/a/local/src/sys/compile/MAKE i386 > > It does indeed fall over on my 2.2-stable system. The problem is in res_send(). In lib/libc/net/res_send.c line 577 in FreeBSD-current we have: if (s+1 > FD_SETSIZE) { #ifdef DEBUG if (_res.options & RES_DEBUG) fprintf(stderr, "res_send: too many files\n"); #endif res_close(); goto next_ns; } and FD_SETSIZE is statically defined as 256 in /usr/include/sys/types.h. For comparison, the following code was added between BIND-4.9.5-P1 and what will become BIND-4.9.6: if (s+1 > FD_SETSIZE) { Perror(stderr, "s+1 > FD_SETSIZE", EMFILE); res_close(); goto next_ns; } and BIND-8.1.1-T2B src/lib/resolv/res_send.c has at line 587: if (s+1 > FD_SETSIZE) { Perror(stderr, "s+1 > FD_SETSIZE", EMFILE); res_close(); goto next_ns; } Since this code was added between 4.9.5-P1 and 4.9.6, my guess is that it's an attempt to stop some sort of denial of service attack - but it looks like it may not be the best way to fix it. Steinar Haug, Nethelp consulting, sthaug@nethelp.no