mirror of https://github.com/moparisthebest/curl
multi: mention integer overflow risk if using > 500 million sockets
Reported-by: ovidiu-benea@users.noreply.github.com Closes #1675 Closes #1683
parent
60cf84f7f2
commit
02c7a2ccab
|
@ -1022,6 +1022,10 @@ CURLMcode curl_multi_wait(struct Curl_multi *multi,
|
||||||
|
|
||||||
if(nfds) {
|
if(nfds) {
|
||||||
if(nfds > NUM_POLLS_ON_STACK) {
|
if(nfds > NUM_POLLS_ON_STACK) {
|
||||||
|
/* 'nfds' is a 32 bit value and 'struct pollfd' is typically 8 bytes
|
||||||
|
big, so at 2^29 sockets this value might wrap. When a process gets
|
||||||
|
the capability to actually handle over 500 million sockets this
|
||||||
|
calculation needs a integer overflow check. */
|
||||||
ufds = malloc(nfds * sizeof(struct pollfd));
|
ufds = malloc(nfds * sizeof(struct pollfd));
|
||||||
if(!ufds)
|
if(!ufds)
|
||||||
return CURLM_OUT_OF_MEMORY;
|
return CURLM_OUT_OF_MEMORY;
|
||||||
|
|
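Review bot: The added comment documents the possible wrap in `nfds * sizeof(struct pollfd)` but leaves the `malloc` call unguarded, so a wrapped product would under-allocate `ufds` and the code that fills it later (outside this hunk) would write past the buffer. A guard before the allocation is cheap and makes the caveat unnecessary: `if(nfds > (size_t)-1 / sizeof(struct pollfd)) return CURLM_OUT_OF_MEMORY;`. If `nfds` is the 32-bit unsigned value the comment describes, the multiplication is carried out in `size_t`, so the wrap at 2^29 presumably only applies where `size_t` is 32 bits wide; the comment could say that. Minor wording: "a integer overflow check" should read "an integer overflow check". The body of curl_multi_wait starts and ends outside this hunk, so the declaration of `nfds` and the later use of `ufds` are not visible here.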