Bug #269: buffer overflow when number of open file descriptors >= FD_SETSIZE - Bip - DuckCorp Projects

Actions

Copy link

Bug #269

closed

buffer overflow when number of open file descriptors >= FD_SETSIZE

Added by Pierre-Louis Bonicoli almost 13 years ago. Updated over 12 years ago.

Status:

Resolved

Priority:

Urgent

Assignee:

Pierre-Louis Bonicoli

Target version:

Start date:

2012-01-07

Due date:

% Done:

50%

Estimated time:

Patch Available:

Yes

Found in Versions:

0.7.0 0.8.8

Confirmed:

Yes

Branch:

Security:

Yes

Help Needed:

Description

Reported by Julien Tinnes, thanks to him!

Bip doesn't check if fd is equal or larger than FD_SETSIZE.

From select man page:

Executing FD_CLR() or FD_SET() with a value of fd that is negative or is equal to or larger than FD_SETSIZE will result in undefined behavior.

Files

0001-Buffer-Overflow-check-against-the-implicit-size-of-s.patch (1.64 KB) 0001-Buffer-Overflow-check-against-the-implicit-size-of-s.patch

Pierre-Louis Bonicoli, 2012-01-07 11:45

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Bip

Custom queries

Bug #269

buffer overflow when number of open file descriptors >= FD_SETSIZE

Updated by Pierre-Louis Bonicoli almost 13 years ago

Updated by Pierre-Louis Bonicoli almost 13 years ago

Updated by Pierre-Louis Bonicoli almost 13 years ago

Updated by Pierre-Louis Bonicoli almost 13 years ago