diff options
| author | Wez Furlong <wez@php.net> | 2004-09-17 12:44:56 +0000 |
|---|---|---|
| committer | Wez Furlong <wez@php.net> | 2004-09-17 12:44:56 +0000 |
| commit | 99e290f882c9116e74418b9271a75d557533c4f5 (patch) | |
| tree | 737c6e4ec61d02067b60372407542e3235d511e6 /ext/sockets | |
| parent | 9085689d6faec9eeae6802638ff2dea233d536b8 (diff) | |
| download | php-git-99e290f882c9116e74418b9271a75d557533c4f5.tar.gz | |
Fix for Bug #24189: possibly unsafe select(2) usage.
We avoid the problem by using poll(2).
On systems without poll(2) (older bsd-ish systems, and win32), we emulate
poll(2) using select(2) and check for valid descriptors before attempting
to access them via the descriptor sets.
If an out-of-range descriptor is detected, an E_WARNING is raised suggesting
that PHP should be recompiled with a larger FD_SETSIZE (and also with a
suggested value).
Most uses of select(2) in the source are to poll a single descriptor, so
a couple of handy wrapper functions have been added to make this easier.
A configure option --enable-fd-setsize has been added to both the unix and
win32 builds; on unix we default to 16384 and on windows we default to 256.
Windows FD_SETSIZE imposes a limit on the maximum number of descriptors that
can be select()ed at once, whereas the unix FD_SETSIZE limit is based on the
highest numbered descriptor; 256 should be plenty for PHP scripts under windows
(the default OS setting is 64).
The win32 specific parts are untested; will do that now.
Diffstat (limited to 'ext/sockets')
| -rw-r--r-- | ext/sockets/sockets.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/ext/sockets/sockets.c b/ext/sockets/sockets.c index 8f2a329c35..c9ac0b5dc8 100644 --- a/ext/sockets/sockets.c +++ b/ext/sockets/sockets.c @@ -533,7 +533,7 @@ static int php_sock_array_to_fd_set(zval *sock_array, fd_set *fds, PHP_SOCKET *m php_sock = (php_socket*) zend_fetch_resource(element TSRMLS_CC, -1, le_socket_name, NULL, 1, le_socket); if (!php_sock) continue; /* If element is not a resource, skip it */ - FD_SET(php_sock->bsd_socket, fds); + PHP_SAFE_FD_SET(php_sock->bsd_socket, fds); if (php_sock->bsd_socket > *max_fd) { *max_fd = php_sock->bsd_socket; } @@ -560,7 +560,7 @@ static int php_sock_array_from_fd_set(zval *sock_array, fd_set *fds TSRMLS_DC) php_sock = (php_socket*) zend_fetch_resource(element TSRMLS_CC, -1, le_socket_name, NULL, 1, le_socket); if (!php_sock) continue; /* If element is not a resource, skip it */ - if (FD_ISSET(php_sock->bsd_socket, fds)) { + if (PHP_SAFE_FD_ISSET(php_sock->bsd_socket, fds)) { /* Add fd to new array */ zend_hash_next_index_insert(new_hash, (void *)element, sizeof(zval *), (void **)&dest_element); if (dest_element) zval_add_ref(dest_element); @@ -605,6 +605,8 @@ PHP_FUNCTION(socket_select) RETURN_FALSE; } + PHP_SAFE_MAX_FD(max_fd, 0); /* someone needs to make this look more like stream_socket_select */ + /* If seconds is not set to null, build the timeval, else we wait indefinitely */ if (sec != NULL) { zval tmp; |