"Daniel P. Berrange" <berrange(a)redhat.com> writes:
> On Tue, Jan 10, 2012 at 11:25:39AM +0100, Robert Scheck wrote:
>> Would -D_FORTIFY_SOURCE=0 be acceptable until the code is rewritten?
> As Tom pointed out, if you override FD_SETSIZE with glibc, this has
> no effect on the size of the 'fd_set' struct. So any attempt to
> actually store a larger number of FDs will be writing outside
> the bounds of the struct, i.e. it will be corrupting heap/stack
> memory. This is the kind of flaw that leads to crashes at best,
> or security exploits at worst.
Perhaps a more reliable workaround would be to patch in some code at
program start that reduces the soft limit on number of open files to
1K or less (see setrlimit(RLIMIT_NOFILE)). This would presumably
reduce performance by some fractional amount, but that seems better
than the unsafe behavior you're looking at now.
regards, tom lane
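The two points raised in this thread, the fd_set overflow and the setrlimit(RLIMIT_NOFILE) workaround, as an added C example that is not code from this thread or from the project under discussion. It assumes glibc's fixed FD_SETSIZE (1024) as the cap; the helper names `cap_nofile_to_fdsetsize`, `fd_set_checked`, `fd_set_demo` and `current_soft_nofile` are this example's own. Lowering only the soft limit needs no privilege, so it can run at program start before any descriptors beyond the cap exist.

```c
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <sys/select.h>
#include <sys/resource.h>

/* Cap the soft RLIMIT_NOFILE so the kernel can never hand this process a
 * descriptor numbered >= FD_SETSIZE (1024 on glibc), which is the largest
 * value FD_SET() can store without writing past the end of an fd_set.
 * Only the soft limit is lowered; the hard limit is left untouched.
 * Returns 0 on success, -1 with errno set on failure. */
int cap_nofile_to_fdsetsize(void)
{
    struct rlimit rl;
    const rlim_t cap = FD_SETSIZE;   /* assumption: cap at glibc's fd_set size */

    if (getrlimit(RLIMIT_NOFILE, &rl) != 0)
        return -1;
    if (rl.rlim_cur > cap) {
        rl.rlim_cur = cap;           /* cap <= old soft <= hard, so this is legal */
        if (setrlimit(RLIMIT_NOFILE, &rl) != 0)
            return -1;
    }
    return 0;
}

/* Current soft limit on open files, or -1 on error. Used to confirm the cap. */
long current_soft_nofile(void)
{
    struct rlimit rl;
    if (getrlimit(RLIMIT_NOFILE, &rl) != 0)
        return -1;
    return (long)rl.rlim_cur;
}

/* Bounds-checked wrapper around FD_SET(): refuses any fd outside
 * [0, FD_SETSIZE) instead of corrupting memory next to the set.
 * Returns 1 if the fd was added, 0 if it was rejected. */
int fd_set_checked(int fd, fd_set *set)
{
    if (fd < 0 || fd >= FD_SETSIZE)
        return 0;
    FD_SET(fd, set);
    return 1;
}

/* Exercise the checked wrapper on a fresh set and report whether the fd
 * ended up in it: 1 = added and visible via FD_ISSET, 0 = rejected. */
int fd_set_demo(int fd)
{
    fd_set set;
    FD_ZERO(&set);
    if (!fd_set_checked(fd, &set))
        return 0;
    return FD_ISSET(fd, &set) ? 1 : 0;
}

int main(void)
{
    printf("soft RLIMIT_NOFILE before: %ld\n", current_soft_nofile());
    if (cap_nofile_to_fdsetsize() != 0) {
        fprintf(stderr, "cap failed: %s\n", strerror(errno));
        return 1;
    }
    printf("soft RLIMIT_NOFILE after:  %ld (FD_SETSIZE = %d)\n",
           current_soft_nofile(), FD_SETSIZE);
    printf("fd %d accepted: %d\n", FD_SETSIZE - 1, fd_set_demo(FD_SETSIZE - 1));
    printf("fd %d accepted: %d\n", FD_SETSIZE, fd_set_demo(FD_SETSIZE));
    return 0;
}
```

The rlimit cap is the belt and the checked FD_SET is the braces: the first guarantees the process never holds an out-of-range descriptor, the second turns any remaining programming error into a rejected call rather than silent memory corruption. Calls to select() elsewhere in a program still need their own check that the highest fd passed is below FD_SETSIZE.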