>*** bit out of range 0 - FD_SETSIZE on fd_set ***: terminated

Um, yikes.  That's ... odd.  That looks like it comes from:

        FD_SET(nsc->ns_readfd, &rfds);

in sbr/netsec.c, in netsec_fillread().  Unless there is a file descriptor
leak somewhere, I don't understand how nsc->ns_readfd got too big for
FD_SETSIZE, unless maybe a buffer overflow overwrote nsc->ns_readfd.
That's malloc'd memory, so possibly a buffer was overwritten and it
clobbered that.  If you could figure out what the value of ns_readfd was
that would be interesting.

--Ken
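
An added example, not part of the message above and not nmh code: one way to capture the descriptor's value instead of aborting inside FD_SET() is to range-check it first and print it. The helper name checked_wait_readable() and its timeout parameter are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/select.h>
#include <sys/time.h>
#include <unistd.h>

/* Hypothetical helper (not from sbr/netsec.c). Returns 1 if fd is readable,
 * 0 on timeout, -1 on error. A descriptor outside 0..FD_SETSIZE-1 is never
 * handed to FD_SET(); its value is printed and the call fails with EBADF.
 * A value just above FD_SETSIZE fits a descriptor leak; an implausible
 * value fits an overwritten field. */
int checked_wait_readable(int fd, int timeout_ms)
{
    fd_set rfds;
    struct timeval tv;
    int rc;

    if (fd < 0 || fd >= FD_SETSIZE) {
        fprintf(stderr, "fd %d (%#x) is outside 0..%d\n",
                fd, (unsigned)fd, FD_SETSIZE - 1);
        errno = EBADF;
        return -1;
    }

    FD_ZERO(&rfds);
    FD_SET(fd, &rfds);
    tv.tv_sec = timeout_ms / 1000;
    tv.tv_usec = (timeout_ms % 1000) * 1000;

    do {
        rc = select(fd + 1, &rfds, NULL, NULL, &tv);
    } while (rc < 0 && errno == EINTR);

    if (rc < 0)
        return -1;
    return (rc > 0 && FD_ISSET(fd, &rfds)) ? 1 : 0;
}

int main(void)
{
    int p[2];

    if (pipe(p) != 0)
        return 1;
    printf("empty pipe: %d\n", checked_wait_readable(p[0], 50));
    printf("fd == FD_SETSIZE: %d\n", checked_wait_readable(FD_SETSIZE, 50));
    printf("constructed garbage fd: %d\n", checked_wait_readable(0x41414141, 50));
    return 0;
}
```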
