multi: mention integer overflow risk if using > 500 million sockets

Reported-by: ovidiu-benea@users.noreply.github.com

Closes #1675
Closes #1683
Daniel Stenberg 2017-07-27 01:13:47 +02:00
parent 60cf84f7f2
commit 02c7a2ccab
1 changed files with 4 additions and 0 deletions

@ -1022,6 +1022,10 @@ CURLMcode curl_multi_wait(struct Curl_multi *multi,
if(nfds) {
if(nfds > NUM_POLLS_ON_STACK) {
/* 'nfds' is a 32 bit value and 'struct pollfd' is typically 8 bytes
big, so at 2^29 sockets this value might wrap. When a process gets
the capability to actually handle over 500 million sockets this
calculation needs a integer overflow check. */
ufds = malloc(nfds * sizeof(struct pollfd));
if(!ufds)
return CURLM_OUT_OF_MEMORY;
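Review bot: The added comment above the malloc() call documents that `nfds * sizeof(struct pollfd)` can wrap but leaves the multiplication unguarded, so if the product does wrap, malloc() can still succeed and return a buffer smaller than nfds entries, and the `if(!ufds)` test will not catch it. A guard placed just before the allocation, for example `if(nfds > SIZE_MAX / sizeof(struct pollfd)) return CURLM_OUT_OF_MEMORY;`, costs one comparison and would make the caveat unnecessary. Minor wording point in the same comment: "a integer overflow check" should read "an integer overflow check".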