Reject socket fds > FD_SETSIZE

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20127 dc483132-0cff-0310-8789-dd5450dbe970

2 files changed, 22 insertions, 0 deletions

diff --git a/src/kdc/network.c b/src/kdc/network.c
index 86fa6c0..dc21e1d 100644
--- a/src/kdc/network.c
+++ b/src/kdc/network.c
@@ -312,6 +312,12 @@ add_fd (struct socksetup *data, int sock, enum kdc_conn_type conntype,
     struct connection *newconn;
     void *tmp;
 
+    if (sock > FD_SETSIZE) {
+	data->retval = EMFILE;	/* XXX */
+	com_err(data->prog, 0,
+		"file descriptor number %d too high", sock);
+	return 0;
+    }
     newconn = malloc(sizeof(*newconn));
     if (newconn == 0) {
 	data->retval = errno;
@@ -396,6 +402,12 @@ setup_a_tcp_listener(struct socksetup *data, struct sockaddr *addr)
 		paddr(addr));
 	return -1;
     }
+    if (sock > FD_SETSIZE) {
+	close(sock);
+	com_err(data->prog, 0, "TCP socket fd number %d (for %s) too high",
+		sock, paddr(addr));
+	return -1;
+    }
     if (setreuseaddr(sock, 1) < 0)
 	com_err(data->prog, errno,
 		"Cannot enable SO_REUSEADDR on fd %d", sock);
@@ -1098,6 +1110,10 @@ static void accept_tcp_connection(struct connection *conn, const char *prog,
     s = accept(conn->fd, addr, &addrlen);
     if (s < 0)
 	return;
+    if (s > FD_SETSIZE) {
+	close(s);
+	return;
+    }
     setnbio(s), setnolinger(s);
 
     sockdata.prog = prog;
diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c
index 0c63b22..9992747 100644
--- a/src/lib/krb5/os/sendto_kdc.c
+++ b/src/lib/krb5/os/sendto_kdc.c
@@ -671,6 +671,12 @@ start_connection (struct conn_state *state,
 	dprint("socket: %m creating with af %d\n", state->err, ai->ai_family);
 	return -1;		/* try other hosts */
     }
+    if (fd > FD_SETSIZE) {
+	close(fd);
+	state->err = EMFILE;
+	dprint("socket: fd %d too high\n", fd);
+	return -1;
+    }
     /* Make it non-blocking.  */
     if (ai->ai_socktype == SOCK_STREAM) {
 	static const int one = 1;