
| Subject: | RE: SECURITY.NNOV: Multiple applications fd_set structure bitmap array index overflow |
|---|---|
| Date: | Fri, 28 Jan 2005 13:00:12 -0800 |
-----Original Message----- 3APA3A [mailto:3APA3A@security.nnov.ru] wrote:
For Windows fd_set is a sockets array, not bitmask and FD_SETSIZE
defines maximum number of sockets in this array. So, Windows application may be vulnerable only if it places a large number of sockets into same fd_set structure (finite state machine architecture). [snip]
For Windows default FD_SETSIZE is 64 and select() is only
POSIX-compatible function to wait on socket input (there is no poll(),
but there are Windows specific functions).
[snip]
If you look at Winsock[2].h, you find this:
```c
#ifndef FD_SETSIZE
#define FD_SETSIZE 64
#endif /* FD_SETSIZE */

typedef struct fd_set {
    u_int fd_count;               /* how many are SET? */
    SOCKET fd_array[FD_SETSIZE];  /* an array of SOCKETs */
} fd_set;

#define FD_SET(fd, set) do { \
    u_int __i; \
    for (__i = 0; __i < ((fd_set FAR *)(set))->fd_count; __i++) { \
        if (((fd_set FAR *)(set))->fd_array[__i] == (fd)) { \
            break; \
        } \
    } \
    if (__i == ((fd_set FAR *)(set))->fd_count) { \
        if (((fd_set FAR *)(set))->fd_count < FD_SETSIZE) { \
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
            ((fd_set FAR *)(set))->fd_array[__i] = (fd); \
            ((fd_set FAR *)(set))->fd_count++; \
        } \
    } \
} while(0)
```
So if you attempted to put FD_SETSIZE + 1 sockets into an fd_set, it
would just fail.
Additionally, if you want to write a high-performance asynchronous
sockets application on Windows, I highly recommend either using
WSAEventSelect or I/O completion ports. If you are dealing with a
cross-platform application, I would abstract out the platform-specific
code - the perf gains are worth it. I've done this, and the improvements
were significant.
Hope this helps -
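The silent-drop behaviour described above, as an added example that is not part of the original message or the Winsock header: a portable re-implementation of the Windows fd_set layout and FD_SET logic (names `win_fd_set`, `win_fd_set_add`, `checked_fd_set` and `fill_set` are constructed for this demonstration), so the FD_SETSIZE + 1 case can be exercised off Windows and a wrapper can report the dropped socket instead of leaving it unserved.

```c
/* Added example (not from the e-mail or Winsock): a portable re-implementation
 * of the Winsock fd_set layout and FD_SET logic quoted above, so the "it would
 * just fail" behaviour can be exercised off Windows. */
#include <stdint.h>
#include <stdio.h>

#define WIN_FD_SETSIZE 64            /* Winsock default FD_SETSIZE */
typedef uintptr_t SOCKET;            /* Winsock SOCKET is an unsigned handle */

typedef struct win_fd_set {
    unsigned int fd_count;           /* how many are SET? */
    SOCKET fd_array[WIN_FD_SETSIZE]; /* an array of SOCKETs */
} win_fd_set;

/* Same logic as the FD_SET macro: search, then append only if room remains.
 * Returns 1 if fd is in the set afterwards, 0 if it was silently dropped. */
int win_fd_set_add(win_fd_set *set, SOCKET fd)
{
    for (unsigned int i = 0; i < set->fd_count; i++)
        if (set->fd_array[i] == fd)
            return 1;                /* already present: no-op, no overflow */
    if (set->fd_count < WIN_FD_SETSIZE) {
        set->fd_array[set->fd_count++] = fd;
        return 1;
    }
    return 0;                        /* full: the real macro just drops fd here */
}

/* Defensive wrapper: fail loudly instead of letting a socket vanish from the
 * wait set, which would otherwise surface as a connection that is never served. */
int checked_fd_set(win_fd_set *set, SOCKET fd)
{
    if (win_fd_set_add(set, fd))
        return 1;
    fprintf(stderr, "FD_SET: set full (%u entries), socket %lu not added\n",
            set->fd_count, (unsigned long)fd);
    return 0;
}

/* Place n distinct constructed socket handles into one set; returns how many
 * were dropped (0 up to WIN_FD_SETSIZE, n - WIN_FD_SETSIZE beyond that). */
unsigned int fill_set(win_fd_set *set, unsigned int n)
{
    unsigned int dropped = 0;
    set->fd_count = 0;
    for (unsigned int s = 1; s <= n; s++)
        dropped += !checked_fd_set(set, (SOCKET)s);
    return dropped;
}
```

Calling `fill_set` with 65 handles leaves `fd_count` at 64 and reports exactly one dropped socket, which is the condition a select()-based server should treat as an error rather than ignore.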