From b3d126d5dea5dbfacc0cd77de12c6482e1c9e360 Mon Sep 17 00:00:00 2001 From: normal Date: Sat, 27 May 2017 08:26:47 +0000 Subject: [PATCH] rb_wait_for_single_fd: do not OOM or segfault with invalid FD on select() Instead, match the poll() implementation used on Linux for now; as the Linux poll(2) manpage describes using negative FD to easily ignore an FD in a larger FD set while (sleeping the given timeout). I'm not entirely sure if matching poll() behavior is a good idea for a single FD, but it's better than segfaulting or NoMemoryError. * thread.c (init_set_fd): ignore negative FD * test/-ext-/wait_for_single_fd/test_wait_for_single_fd.rb (test_wait_for_invalid_fd): check values which may trigger segfaults or OOM git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58925 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- test/-ext-/wait_for_single_fd/test_wait_for_single_fd.rb | 7 +++++++ thread.c | 3 +++ 2 files changed, 10 insertions(+) diff --git a/test/-ext-/wait_for_single_fd/test_wait_for_single_fd.rb b/test/-ext-/wait_for_single_fd/test_wait_for_single_fd.rb index d7bc827a6e..1141dd317c 100644 --- a/test/-ext-/wait_for_single_fd/test_wait_for_single_fd.rb +++ b/test/-ext-/wait_for_single_fd/test_wait_for_single_fd.rb @@ -22,6 +22,13 @@ class TestWaitForSingleFD < Test::Unit::TestCase end def test_wait_for_invalid_fd + # Negative FDs should not cause NoMemoryError or segfault when + # using select(). For now, match the poll() implementation + # used on Linux, which sleeps the given amount of time given + # when fd is negative (as documented in the Linux poll(2) manpage) + assert_equal 0, IO.wait_for_single_fd(-999, RB_WAITFD_IN, 0) + assert_equal 0, IO.wait_for_single_fd(-1, RB_WAITFD_OUT, 0) + # FreeBSD 8.2 or prior sticks this # http://bugs.ruby-lang.org/issues/5524 skip if /freebsd[1-8]/ =~ RUBY_PLATFORM diff --git a/thread.c b/thread.c index 76fb1360c9..4d954c76de 100644 --- a/thread.c +++ b/thread.c @@ -3969,6 +3969,9 @@ rb_wait_for_single_fd(int fd, int events, struct timeval *tv) static rb_fdset_t * init_set_fd(int fd, rb_fdset_t *fds) { + if (fd < 0) { + return 0; + } rb_fd_init(fds); rb_fd_set(fd, fds);