Date:      Sat, 21 Jun 1997 19:38:28 +1000
From:      Bruce Evans <bde@zeta.org.au>
To:        jkh@time.cdrom.com, sthaug@nethelp.no
Cc:        hackers@FreeBSD.ORG, marcs@znep.com
Subject:   Re: gethostbyname() and fds >255
Message-ID:  <199706210938.TAA24130@godzilla.zeta.org.au>

>The problem is in res_send(). In lib/libc/net/res_send.c line 577 in
>FreeBSD-current we have:
>
>			if (s+1 > FD_SETSIZE) {
>#ifdef DEBUG
>				if (_res.options & RES_DEBUG)
>					fprintf(stderr,
>						"res_send: too many files\n");
>#endif
>				res_close();
>				goto next_ns;
>			}
>
>and FD_SETSIZE is statically defined as 256 in /usr/include/sys/types.h.
>...

FD_SETSIZE is statically defined as 1024 in -current.  This just moves the
problem.

>Since this code was added between 4.9.5-P1 and 4.9.6, my guess is that
>it's an attempt to stop some sort of denial of service attack - but it

It is to prevent writing beyond the end of sdmask in FD_SET(s, &sdmask).

>looks like it may not be the best way to fix it.

Library functions should not have arbitrary limits, so library code that
wants to use select(2) should avoid using the official interface with
statically defined fd_set's.  This isn't easy, and it is only possible
now that the kernel doesn't really implement the official interface.

Bruce
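
One way to do what the message recommends, as an added example that is not part of the original e-mail or of FreeBSD's libc: size the descriptor bitmap from the descriptor itself instead of declaring a static fd_set, so no FD_SET() can write past a fixed-size mask. The names fdmap_bytes and wait_readable are hypothetical, and the code assumes that fd_set is an array of unsigned long words and that the kernel's select(2) accepts nfds above FD_SETSIZE.

```c
/* Added example: wait for readability on any fd without a static fd_set. */
#include <limits.h>
#include <stdlib.h>
#include <sys/select.h>
#include <sys/time.h>
#include <unistd.h>

/* Assumption: fd_set is an array of unsigned long words, with fd N stored
 * at bit N % WORD_BITS of word N / WORD_BITS (true on FreeBSD and Linux). */
#define WORD_BITS (sizeof(unsigned long) * CHAR_BIT)

/* Bytes needed for a descriptor bitmap covering fds 0..nfds-1. */
size_t fdmap_bytes(int nfds)
{
    return ((size_t)nfds + WORD_BITS - 1) / WORD_BITS * sizeof(unsigned long);
}

/* Returns 1 if fd is readable, 0 on timeout, -1 on error. */
int wait_readable(int fd, int timeout_ms)
{
    struct timeval tv;
    unsigned long *map;
    size_t bytes;
    int n;

    if (fd < 0 || fd == INT_MAX)
        return -1;
    /* Size the bitmap from fd, but never smaller than a real fd_set. */
    bytes = fdmap_bytes(fd + 1);
    if (bytes < sizeof(fd_set))
        bytes = sizeof(fd_set);
    map = calloc(1, bytes);
    if (map == NULL)
        return -1;
    /* Same effect as FD_SET(fd, set), bounded by our own allocation. */
    map[(size_t)fd / WORD_BITS] |= 1UL << ((size_t)fd % WORD_BITS);

    tv.tv_sec = timeout_ms / 1000;
    tv.tv_usec = (timeout_ms % 1000) * 1000;
    n = select(fd + 1, (fd_set *)map, NULL, NULL, &tv);
    if (n > 0)  /* equivalent of FD_ISSET(fd, set) */
        n = (int)((map[(size_t)fd / WORD_BITS] >> ((size_t)fd % WORD_BITS)) & 1UL);
    free(map);
    return n < 0 ? -1 : n;
}
```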


