GNOME Bugzilla – Bug 554243
select code in nanohttp module can cause problems in apps with more than 1024 open file descriptors
Last modified: 2009-08-24 12:19:08 UTC
The select() code in the nanohttp and nanoftp modules uses statically sized fd_set's, which default to being large enough to hold 1024 file descriptor bits on most Unix systems. This means that in applications with more than 1024 file descriptors open, using nanohttp or nanoftp will cause the FD_SET macro to write a bit somewhere off the end of the actual fd_set; currently there is no error-checking in place to prevent this. fd_set's can be dynamically allocated instead to fix this, or poll() with a dynamically allocated number of pollfd structs could be used in addition to select() if it's supported.

To reproduce, set your ulimit -n to something fairly high (say, 100000 - running as root is the easiest way to do this) and compile & run the attached sample code. It'll probably segfault; setting the number of file descriptors it opens to something a little lower will cause other errors, too, visible in Valgrind.
Created attachment 119558: nanohttp-select-bug.c
Demonstrates the select bug with the nanohttp module. A similar bug, reproducible with similar code, exists in nanoftp as well.
(I could fix this if wanted; it's not a very complicated fix. Interestingly enough, it probably wouldn't be a problem on Windows, of all platforms, as the FD_* macros in Windows are a little smarter - so it might involve adding some ifdef's for _WIN32. Let me know.)
Looks like a duplicate of 559501

*** This bug has been marked as a duplicate of bug 559501 ***