Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: SECURITY.NNOV: Multiple applications fd_set structure bitmap array i

from [Lee Dilkie] Network Security [Permanent Link]
Subject: Re: SECURITY.NNOV: Multiple applications fd_set structure bitmap array index overflow
Date: Sat, 29 Jan 2005 15:05:58 -0500 
David LeBlanc wrote:



-----Original Message-----
From: Damien Miller [mailto:djm@mindrot.org] said:



This effectively limits select to a maximum of FD_SETSIZE descriptors


on Windows. I don't think that this limitiation exists on other
platforms.

---------------------------

Note the bit where it says:

#ifndef FD_SETSIZE
#define FD_SETSIZE      64
#endif /* FD_SETSIZE */

So to make FD_SETSIZE any arbitrarily large value up to whatever your
system can handle, you just redefine FD_SETSIZE before you #include
winsock.h.



Something you can't do in linux, is enlarge FD_SETSIZE.

from linux/posix_types/h:
#undef      __FD_SETSIZE
#define     __FD_SETSIZE   1024

Well, you *can* change it, but it requires a recompile of the kernel and all userland programs that create an fd_set.

In this regard, windows did get it right. However, the earlier comment on using the windows async sockets is spot on, if you want performance. Windows fd_set's are structured more like unix poll() arrays (un-ordered array of fd's) and are not very efficient if there are many sockets on one set. Also, a linux fd_set limits the fd *value* to < 1024, not just the number of fd's in the set. So it's possible to only want to put one fd on a fd_set but be unable to do so if it's value is > FD_SETSIZE (which can be done by increasing the maximum number of file handles a process is permitted to open).

-lee

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: List of all admin accounts in phpBB, Paul Laudanski
Next by Date:  XSS in Infinite Mobile Delivery v2.6 Webmail, steven
Previous by Thread:  RE: SECURITY.NNOV: Multiple applications fd_set structure bitmap array index overflow, David LeBlanc
Next by Thread:  Re: SECURITY.NNOV: Multiple applications fd_set structure bitmap array index overflow, Casper . Dik
Indexes:  [Date] [Thread] [Top] [All Lists]