Re: poll: enable argument check

Sat, 22 Apr 2017 18:53:55 -0700 

Bruno Haible wrote:

TYPE_MAXIMUM (nfds_t) / 2 is good for a quick check against an out-of-bounds 
nfd.
POSIX [1] says that nfd is out-of-bounds if it is > getdtablesize().



OK, but getdtablesize returns 'int' so the 'poll' code should compare to INT_MAX 
rather than to an expression that would not be appropriate on (admittedly weird) 
platforms where nfds_t differs in width from 'int'. Also, that comment is still 
confusing. How about the attached?

>From daa5c31db0ba85578ed22cb9f133de2b20279afd Mon Sep 17 00:00:00 2001
From: Paul Eggert <egg...@cs.ucla.edu>
Date: Sat, 22 Apr 2017 18:48:39 -0700
Subject: [PATCH] poll: improve fast check for out-of-range NFD

* lib/poll.c: Do not include intprops.h.
(poll): Compare NFD to INT_MAX, not to TYPE_MAXIMUM (nfds_t) / 2.
---
 ChangeLog  | 4 ++++
 lib/poll.c | 9 ++++-----
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index ad436a7..8a13acc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
 2017-04-22  Paul Eggert  <egg...@cs.ucla.edu>
 
+	poll: improve fast check for out-of-range NFD
+	* lib/poll.c: Do not include intprops.h.
+	(poll): Compare NFD to INT_MAX, not to TYPE_MAXIMUM (nfds_t) / 2.
+
 	ftoastr: cite a newer paper
 	* lib/ftoastr.c (FTOASTR): In comment, cite Andrysco et al. 2016
 	instead of Loitsch 2010.
diff --git a/lib/poll.c b/lib/poll.c
index 69b3672..078b1ba 100644
--- a/lib/poll.c
+++ b/lib/poll.c
@@ -60,7 +60,6 @@
 #include <time.h>
 
 #include "assure.h"
-#include "intprops.h"
 
 #ifndef INFTIM
 # define INFTIM (-1)
@@ -336,13 +335,13 @@ poll (struct pollfd *pfd, nfds_t nfd, int timeout)
   int maxfd, rc;
   nfds_t i;
 
-  if (nfd > TYPE_MAXIMUM (nfds_t) / 2)
+  if (nfd > INT_MAX)
     {
       errno = EINVAL;
       return -1;
     }
-  /* Don't check directly for NFD too large.  Any practical use of a
-     too-large NFD is caught by one of the other checks below, and
+  /* Don't check directly for NFD greater than OPEN_MAX.  Any practical use
+     of a too-large NFD is caught by one of the other checks below, and
      checking directly for getdtablesize is too much of a portability
      and/or performance and/or correctness hassle.  */
 
@@ -434,7 +433,7 @@ poll (struct pollfd *pfd, nfds_t nfd, int timeout)
   int rc = 0;
   nfds_t i;
 
-  if (nfd > TYPE_MAXIMUM (nfds_t) / 2 || timeout < -1)
+  if (nfd > INT_MAX || timeout < -1)
     {
       errno = EINVAL;
       return -1;
-- 
2.7.4























					Reply via email to