From 7153bd46745cd8695ebfd74c5111d85a424ace4a Mon Sep 17 00:00:00 2001
From: Jouni Malinen
Date: Wed, 2 Jan 2019 11:57:00 +0200
Subject: [PATCH] eloop: Fix fd_table allocation for epoll and kqueue The previous implementation did not work if the first registered socket had fd > 16 or if the fd was more than double the largest value used in previous registrations. Those cases could result in too small a memory allocation being used and writes/reads beyond the end of that buffer. This fix is applicable to CONFIG_ELOOP_EPOLL=y and CONFIG_ELOOP_KQUEUE=y builds.
Fixes: f0356ec85c46 ("eloop: Add epoll option for better performance")
Signed-off-by: Jouni Malinen
---
 src/utils/eloop.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/utils/eloop.c b/src/utils/eloop.c
index 436bc8c99..fb90d17a7 100644
--- a/src/utils/eloop.c
+++ b/src/utils/eloop.c
@@ -301,7 +301,7 @@ static int eloop_sock_table_add_sock(struct eloop_sock_table *table,
 #endif /* CONFIG_ELOOP_POLL */
 #if defined(CONFIG_ELOOP_EPOLL) || defined(CONFIG_ELOOP_KQUEUE)
 if (new_max_sock >= eloop.max_fd) {
- next = eloop.max_fd == 0 ? 16 : eloop.max_fd * 2;
+ next = new_max_sock + 16;
 temp_table = os_realloc_array(eloop.fd_table, next,
 sizeof(struct eloop_sock));
 if (temp_table == NULL)
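Review bot: The new sizing line `next = new_max_sock + 16;` now carries the whole bounds guarantee for `eloop.fd_table`, yet nothing at that line states the invariant. The commit message implies the table is indexed by descriptor value, so I would add `/* fd_table is indexed by fd: it must always hold more than new_max_sock entries */` above it. The types are not visible in the hunk, but if `new_max_sock` and `next` are plain `int`, the addition reaches `os_realloc_array()` without an overflow guard, so it is worth confirming that the descriptor is range-checked earlier in the function. Growth is also now linear in steps of 16 rather than geometric, meaning one reallocation per 16 new descriptor values when the fd range rises steadily; that is probably acceptable but deserves a word in the same comment. `eloop_sock_table_add_sock()` starts and ends outside the hunk, so the initialisation of the newly added entries and the update of `eloop.max_fd` could not be checked here.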