diff options
Diffstat (limited to 'usr.sbin/faithd/tcp.c')
-rw-r--r-- | usr.sbin/faithd/tcp.c | 25 |
1 files changed, 22 insertions, 3 deletions
diff --git a/usr.sbin/faithd/tcp.c b/usr.sbin/faithd/tcp.c index 68a2f51..714df9a 100644 --- a/usr.sbin/faithd/tcp.c +++ b/usr.sbin/faithd/tcp.c @@ -1,4 +1,4 @@ -/* $KAME: tcp.c,v 1.8 2001/11/21 07:40:22 itojun Exp $ */ +/* $KAME: tcp.c,v 1.13 2003/09/02 22:49:21 itojun Exp $ */ /* * Copyright (C) 1997 and 1998 WIDE Project. @@ -93,8 +93,9 @@ sig_child(int sig) pid_t pid; pid = wait3(&status, WNOHANG, (struct rusage *)0); - if (pid && WEXITSTATUS(status)) - syslog(LOG_WARNING, "child %d exit status 0x%x", pid, status); + if (pid > 0 && WEXITSTATUS(status)) + syslog(LOG_WARNING, "child %ld exit status 0x%x", + (long)pid, status); exit_success("terminate connection due to child termination"); } @@ -156,6 +157,8 @@ send_data(int s_rcv, int s_snd, const char *service, int direction) if (cc == -1) goto retry_or_err; oob_exists = 0; + if (s_rcv >= FD_SETSIZE) + exit_failure("descriptor too big"); FD_SET(s_rcv, &exceptfds); } @@ -174,12 +177,18 @@ send_data(int s_rcv, int s_snd, const char *service, int direction) } #endif /* DEBUG */ tblen = 0; tboff = 0; + if (s_snd >= FD_SETSIZE) + exit_failure("descriptor too big"); FD_CLR(s_snd, &writefds); + if (s_rcv >= FD_SETSIZE) + exit_failure("descriptor too big"); FD_SET(s_rcv, &readfds); return; retry_or_err: if (errno != EAGAIN) exit_failure("writing relay data failed: %s", strerror(errno)); + if (s_snd >= FD_SETSIZE) + exit_failure("descriptor too big"); FD_SET(s_snd, &writefds); } @@ -195,6 +204,8 @@ relay(int s_rcv, int s_snd, const char *service, int direction) FD_ZERO(&exceptfds); fcntl(s_snd, F_SETFD, O_NONBLOCK); oreadfds = readfds; owritefds = writefds; oexceptfds = exceptfds; + if (s_rcv >= FD_SETSIZE) + exit_failure("descriptor too big"); FD_SET(s_rcv, &readfds); FD_SET(s_rcv, &exceptfds); oob_exists = 0; @@ -229,7 +240,11 @@ relay(int s_rcv, int s_snd, const char *service, int direction) oob_read_retry: cc = read(s_rcv, atmark_buf, 1); if (cc == 1) { + if (s_rcv >= FD_SETSIZE) + exit_failure("descriptor too big"); FD_CLR(s_rcv, &exceptfds); + if (s_snd >= FD_SETSIZE) + exit_failure("descriptor too big"); FD_SET(s_snd, &writefds); oob_exists = 1; } else if (cc == -1) { @@ -262,7 +277,11 @@ relay(int s_rcv, int s_snd, const char *service, int direction) exit_success("terminating %s relay", service); /* NOTREACHED */ default: + if (s_rcv >= FD_SETSIZE) + exit_failure("descriptor too big"); FD_CLR(s_rcv, &readfds); + if (s_snd >= FD_SETSIZE) + exit_failure("descriptor too big"); FD_SET(s_snd, &writefds); break; } |