On Thu, Mar 10, 2022 at 05:33:28PM +0100, Martin Vahlensieck wrote: > Hi > > This pulls up and adjusts the check if i exceeds the bounds of pfds. > Before it was technically wrong, as i > NPFDS means that the last > write (i == NPFDS) was already out of bounds. I see no reason to pull up the check but the if condition should indeed be greater or equal. One could consider to change this into an assert() but I think I stick with the errx().
> Martin > > > Index: http.c > =================================================================== > RCS file: /cvs/src/usr.sbin/rpki-client/http.c,v > retrieving revision 1.53 > diff -u -p -r1.53 http.c > --- http.c 10 Feb 2022 11:10:40 -0000 1.53 > +++ http.c 10 Mar 2022 16:28:48 -0000 > @@ -1820,6 +1820,10 @@ proc_http(char *bind_addr, int fd) > if (timeout == INFTIM || diff < timeout) > timeout = diff; > } > + > + if (i >= NPFDS) > + errx(1, "too many connections"); > + > if (conn->state == STATE_WRITE_DATA) > pfds[i].fd = conn->req->outfd; > else > @@ -1828,8 +1832,6 @@ proc_http(char *bind_addr, int fd) > pfds[i].events = conn->events; > conn->pfd = &pfds[i]; > i++; > - if (i > NPFDS) > - errx(1, "too many connections"); > } > LIST_FOREACH(conn, &idle, entry) { > if (conn->idle_time <= now) > @@ -1840,12 +1842,14 @@ proc_http(char *bind_addr, int fd) > if (timeout == INFTIM || diff < timeout) > timeout = diff; > } > + > + if (i >= NPFDS) > + errx(1, "too many connections"); > + > pfds[i].fd = conn->fd; > pfds[i].events = POLLIN; > conn->pfd = &pfds[i]; > i++; > - if (i > NPFDS) > - errx(1, "too many connections"); > } > > if (poll(pfds, i, timeout) == -1) { > -- :wq Claudio