From 99e290f882c9116e74418b9271a75d557533c4f5 Mon Sep 17 00:00:00 2001 From: Wez Furlong Date: Fri, 17 Sep 2004 12:44:56 +0000 Subject: Fix for Bug #24189: possibly unsafe select(2) usage. We avoid the problem by using poll(2). On systems without poll(2) (older bsd-ish systems, and win32), we emulate poll(2) using select(2) and check for valid descriptors before attempting to access them via the descriptor sets. If an out-of-range descriptor is detected, an E_WARNING is raised suggesting that PHP should be recompiled with a larger FD_SETSIZE (and also with a suggested value). Most uses of select(2) in the source are to poll a single descriptor, so a couple of handy wrapper functions have been added to make this easier. A configure option --enable-fd-setsize has been added to both the unix and win32 builds; on unix we default to 16384 and on windows we default to 256. Windows FD_SETSIZE imposes a limit on the maximum number of descriptors that can be select()ed at once, whereas the unix FD_SETSIZE limit is based on the highest numbered descriptor; 256 should be plenty for PHP scripts under windows (the default OS setting is 64). The win32 specific parts are untested; will do that now. --- ext/soap/php_http.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) (limited to 'ext/soap/php_http.c') diff --git a/ext/soap/php_http.c b/ext/soap/php_http.c index b4f9c2351a..9c4d47624c 100644 --- a/ext/soap/php_http.c +++ b/ext/soap/php_http.c @@ -32,21 +32,19 @@ static int get_http_headers(php_stream *socketd,char **response, int *out_size T static int stream_alive(php_stream *stream TSRMLS_DC) { int socket; - fd_set rfds; - struct timeval tv; char buf; + /* maybe better to use: + * php_stream_set_option(stream, PHP_STREAM_OPTION_CHECK_LIVENESS, 0, NULL) + * here instead */ + if (stream == NULL || stream->eof || php_stream_cast(stream, PHP_STREAM_AS_FD_FOR_SELECT, (void**)&socket, 0) != SUCCESS) { return FALSE; } if (socket == -1) { return FALSE; } else { - FD_ZERO(&rfds); - FD_SET(socket, &rfds); - tv.tv_sec = 0; - tv.tv_usec = 0; - if (select(socket + 1, &rfds, NULL, NULL, &tv) > 0 && FD_ISSET(socket, &rfds)) { + if (php_pollfd_for_ms(socket, PHP_POLLREADABLE, 0) > 0) { if (0 == recv(socket, &buf, sizeof(buf), MSG_PEEK) && php_socket_errno() != EAGAIN) { return FALSE; } -- cgit v1.2.1