[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 156/208: multi: mention integer overflow risk if us
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 156/208: multi: mention integer overflow risk if using > 500 million sockets |
Date: |
Wed, 09 Aug 2017 17:35:53 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to annotated tag gnurl-7.55.0
in repository gnurl.
commit 02c7a2ccabf3b21f881faacf286b4308c4ace1bc
Author: Daniel Stenberg <address@hidden>
AuthorDate: Thu Jul 27 01:13:47 2017 +0200
multi: mention integer overflow risk if using > 500 million sockets
Reported-by: address@hidden
Closes #1675
Closes #1683
---
lib/multi.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/lib/multi.c b/lib/multi.c
index 5753f58f7..217849c5a 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -1022,6 +1022,10 @@ CURLMcode curl_multi_wait(struct Curl_multi *multi,
if(nfds) {
if(nfds > NUM_POLLS_ON_STACK) {
+ /* 'nfds' is a 32 bit value and 'struct pollfd' is typically 8 bytes
+ big, so at 2^29 sockets this value might wrap. When a process gets
+ the capability to actually handle over 500 million sockets this
+ calculation needs a integer overflow check. */
ufds = malloc(nfds * sizeof(struct pollfd));
if(!ufds)
return CURLM_OUT_OF_MEMORY;
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 115/208: cmake: add CURL_WERROR for enabling "warning as errors", (continued)
- [GNUnet-SVN] [gnurl] 115/208: cmake: add CURL_WERROR for enabling "warning as errors", gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 121/208: CURLOPT_POSTFIELDS.3: explain the 100-continue magic better, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 94/208: travis.yml: use --enable-werror on debug builds, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 61/208: libtest/Makefile: remove unused lib1541 variables, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 174/208: BUGS: improved phrasing about security bugs, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 137/208: strerror: Preserve Windows error code in some functions, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 176/208: tests/server/util: fix curltime mistake from 4dee50b9c80f9, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 138/208: curl_setup: always define WIN32_LEAN_AND_MEAN on Windows, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 150/208: rtspd: fix GCC warning after MSVC warning fix, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 36/208: tool_wrte_cb: remove check for config == NULL, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 156/208: multi: mention integer overflow risk if using > 500 million sockets,
gnunet <=
- [GNUnet-SVN] [gnurl] 191/208: test1010: verify that #1718 is fixed, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 188/208: travis: BUILD_TYPE => T, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 72/208: libtest/make: generate lib1521.c, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 159/208: test1323: verify curlx_tvdiff, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 42/208: http2: fix OOM crash, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 163/208: tool_help: clarify --include is only for response headers, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 206/208: THANKS: 20 new contributors in 7.55.0, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 183/208: test130: verify comments in .netrc, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 142/208: travis: install libssh2, gnunet, 2017/08/09
- [GNUnet-SVN] [gnurl] 135/208: errno: fix non-windows builds after af0216251b94e7, gnunet, 2017/08/09