<<< Date Index >>>     <<< Thread Index >>>

Re: SECURITY.NNOV: Multiple applications fd_set structure bitmap array index overflow



David LeBlanc wrote:



-----Original Message-----
From: Damien Miller [mailto:djm@xxxxxxxxxxx] said:

This effectively limits select to a maximum of FD_SETSIZE descriptors
on Windows. I don't think that this limitiation exists on other
platforms.

---------------------------

Note the bit where it says:

#ifndef FD_SETSIZE
#define FD_SETSIZE      64
#endif /* FD_SETSIZE */

So to make FD_SETSIZE any arbitrarily large value up to whatever your
system can handle, you just redefine FD_SETSIZE before you #include
winsock.h.

Something you can't do in linux, is enlarge FD_SETSIZE.

from linux/posix_types/h:
#undef      __FD_SETSIZE
#define     __FD_SETSIZE   1024

Well, you *can* change it, but it requires a recompile of the kernel and all userland programs that create an fd_set.

In this regard, windows did get it right. However, the earlier comment on using the windows async sockets is spot on, if you want performance. Windows fd_set's are structured more like unix poll() arrays (un-ordered array of fd's) and are not very efficient if there are many sockets on one set. Also, a linux fd_set limits the fd *value* to < 1024, not just the number of fd's in the set. So it's possible to only want to put one fd on a fd_set but be unable to do so if it's value is > FD_SETSIZE (which can be done by increasing the maximum number of file handles a process is permitted to open).

-lee