diff options
| author | Wez Furlong <wez@php.net> | 2004-09-17 12:44:56 +0000 |
|---|---|---|
| committer | Wez Furlong <wez@php.net> | 2004-09-17 12:44:56 +0000 |
| commit | 99e290f882c9116e74418b9271a75d557533c4f5 (patch) | |
| tree | 737c6e4ec61d02067b60372407542e3235d511e6 /ext/soap/php_http.c | |
| parent | 9085689d6faec9eeae6802638ff2dea233d536b8 (diff) | |
| download | php-git-99e290f882c9116e74418b9271a75d557533c4f5.tar.gz | |
Fix for Bug #24189: possibly unsafe select(2) usage.
We avoid the problem by using poll(2).
On systems without poll(2) (older bsd-ish systems, and win32), we emulate
poll(2) using select(2) and check for valid descriptors before attempting
to access them via the descriptor sets.
If an out-of-range descriptor is detected, an E_WARNING is raised suggesting
that PHP should be recompiled with a larger FD_SETSIZE (and also with a
suggested value).
Most uses of select(2) in the source are to poll a single descriptor, so
a couple of handy wrapper functions have been added to make this easier.
A configure option --enable-fd-setsize has been added to both the unix and
win32 builds; on unix we default to 16384 and on windows we default to 256.
Windows FD_SETSIZE imposes a limit on the maximum number of descriptors that
can be select()ed at once, whereas the unix FD_SETSIZE limit is based on the
highest numbered descriptor; 256 should be plenty for PHP scripts under windows
(the default OS setting is 64).
The win32 specific parts are untested; will do that now.
Diffstat (limited to 'ext/soap/php_http.c')
| -rw-r--r-- | ext/soap/php_http.c | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/ext/soap/php_http.c b/ext/soap/php_http.c index b4f9c2351a..9c4d47624c 100644 --- a/ext/soap/php_http.c +++ b/ext/soap/php_http.c @@ -32,21 +32,19 @@ static int get_http_headers(php_stream *socketd,char **response, int *out_size T static int stream_alive(php_stream *stream TSRMLS_DC) { int socket; - fd_set rfds; - struct timeval tv; char buf; + /* maybe better to use: + * php_stream_set_option(stream, PHP_STREAM_OPTION_CHECK_LIVENESS, 0, NULL) + * here instead */ + if (stream == NULL || stream->eof || php_stream_cast(stream, PHP_STREAM_AS_FD_FOR_SELECT, (void**)&socket, 0) != SUCCESS) { return FALSE; } if (socket == -1) { return FALSE; } else { - FD_ZERO(&rfds); - FD_SET(socket, &rfds); - tv.tv_sec = 0; - tv.tv_usec = 0; - if (select(socket + 1, &rfds, NULL, NULL, &tv) > 0 && FD_ISSET(socket, &rfds)) { + if (php_pollfd_for_ms(socket, PHP_POLLREADABLE, 0) > 0) { if (0 == recv(socket, &buf, sizeof(buf), MSG_PEEK) && php_socket_errno() != EAGAIN) { return FALSE; } |