[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Chicken-hackers] [PATCH] *portable* fix for select() buffer overrun
From: |
Felix |
Subject: |
Re: [Chicken-hackers] [PATCH] *portable* fix for select() buffer overrun |
Date: |
Tue, 20 Nov 2012 21:24:38 +0100 (CET) |
From: Peter Bex <address@hidden>
Subject: [Chicken-hackers] [PATCH] *portable* fix for select() buffer overrun
Date: Sun, 18 Nov 2012 21:09:51 +0100
> Hello all,
>
> Windows is a pain in the neck. Here's a patch that uses poll() on
> all systems except Windows. This should work around the buffer overrun
> vulnerability in select() described in
> http://lists.nongnu.org/archive/html/chicken-users/2012-06/msg00031.html
> I hope we can finally check this one off our list; it's been almost
> half a year!
>
> I've tested Spiffy on NetBSD with Slowloris, and I couldn't get it to
> crash when HAVE_POSIX_POLL was defined, whereas it would crash quickly
> when it wasn't (but only in a DEBUGBUILD; for some reason a normal build
> won't crash so easily).
Signed off and pushed.
cheers,
felix