From d5e1bffd2a5b5c39f14944fe3ba25414dcd0d508 Mon Sep 17 00:00:00 2001 From: Dmitry Kalinkin Date: Tue, 18 Jul 2017 17:51:50 -0400 Subject: [PATCH] Do not try to fill fd_set with fd>=FD_SETSIZE This is UB and causes buffer overflow and crash on linux. --- src/libstore/build.cc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/libstore/build.cc b/src/libstore/build.cc index 60b0a531f..d2a270259 100644 --- a/src/libstore/build.cc +++ b/src/libstore/build.cc @@ -3835,6 +3835,9 @@ void Worker::waitForInput() int fdMax = 0; for (auto & i : children) { for (auto & j : i.fds) { + if (j >= FD_SETSIZE) { + throw BuildError("reached FD_SETSIZE limit"); + } FD_SET(j, &fds); if (j >= fdMax) fdMax = j + 1; }