Bugtraq mailing list archives

Re: SECURITY.NNOV: Multiple applications fd_set structure bitmap array index overflow


From: Lee Dilkie <lee_dilkie () mitel com>
Date: Sat, 29 Jan 2005 15:05:58 -0500

David LeBlanc wrote:



-----Original Message-----
From: Damien Miller [mailto:djm () mindrot org] said:

This effectively limits select to a maximum of FD_SETSIZE descriptors
on Windows. I don't think that this limitation exists on other
platforms.

---------------------------

Note the bit where it says:

#ifndef FD_SETSIZE
#define FD_SETSIZE      64
#endif /* FD_SETSIZE */

So to make FD_SETSIZE any arbitrarily large value up to whatever your
system can handle, you just redefine FD_SETSIZE before you #include
winsock.h.

Something you can't do in linux is enlarge FD_SETSIZE.

from linux/posix_types.h:
#undef      __FD_SETSIZE
#define     __FD_SETSIZE   1024

Well, you *can* change it, but it requires a recompile of the kernel and all userland programs that create an fd_set.

In this regard, windows did get it right. However, the earlier comment on using the windows async sockets is spot on, if you want performance. Windows fd_set's are structured more like unix poll() arrays (un-ordered array of fd's) and are not very efficient if there are many sockets on one set. Also, a linux fd_set limits the fd *value* to < 1024, not just the number of fd's in the set. So it's possible to only want to put one fd on a fd_set but be unable to do so if its value is > FD_SETSIZE (which can be done by increasing the maximum number of file handles a process is permitted to open).

-lee
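
An added example, not part of the original post or thread: C code for Linux/POSIX illustrating the last point above, that the limit applies to the descriptor's value, with a range check before FD_SET() and a poll() fallback. The helper names (checked_fd_set, wait_readable, high_fd_demo) are hypothetical, and the high-numbered descriptor is constructed with fcntl(F_DUPFD).

```c
#include <fcntl.h>
#include <poll.h>
#include <sys/resource.h>
#include <sys/select.h>
#include <unistd.h>

/* FD_SET() sets bit number fd in a bitmap of FD_SETSIZE bits with no range
 * check, so the caller must refuse values outside 0..FD_SETSIZE-1. */
int checked_fd_set(int fd, fd_set *set)
{
    if (fd < 0 || fd >= FD_SETSIZE)
        return -1;                  /* bit would land outside the bitmap */
    FD_SET(fd, set);
    return 0;
}

/* 1 = readable, 0 = timeout, -1 = error. select() only when the value
 * fits; poll() takes the descriptor as an int and has no such ceiling. */
int wait_readable(int fd, int timeout_ms)
{
    fd_set rfds;
    struct pollfd p = { .fd = fd, .events = POLLIN };
    struct timeval tv = { timeout_ms / 1000, (timeout_ms % 1000) * 1000 };
    FD_ZERO(&rfds);
    if (checked_fd_set(fd, &rfds) == 0)
        return select(fd + 1, &rfds, NULL, NULL, &tv);
    int n = poll(&p, 1, timeout_ms);
    return n > 0 ? ((p.revents & POLLIN) ? 1 : -1) : n;
}

/* Constructed demo: a single descriptor numbered above FD_SETSIZE. Returns 1
 * if it can still be waited on, 0 if not, 2 if process limits forbid it. */
int high_fd_demo(void)
{
    struct rlimit rl;
    rlim_t want = FD_SETSIZE + 64;  /* assumed headroom for the demo */
    int p[2], high, ok = 2;
    if (!getrlimit(RLIMIT_NOFILE, &rl) && rl.rlim_cur < want && rl.rlim_max >= want)
        setrlimit(RLIMIT_NOFILE, &(struct rlimit){ .rlim_cur = want, .rlim_max = rl.rlim_max });
    if (pipe(p) != 0) return 2;
    high = fcntl(p[0], F_DUPFD, FD_SETSIZE + 10);  /* lowest free fd >= arg */
    if (high >= 0 && write(p[1], "x", 1) == 1)
        ok = high >= FD_SETSIZE && wait_readable(high, 1000) == 1;
    if (high >= 0) close(high);
    close(p[0]); close(p[1]);
    return ok;
}

int main(void) { return high_fd_demo() == 0; }
```

With the soft RLIMIT_NOFILE at or below FD_SETSIZE the demo returns 2, since no descriptor that large can be created.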

