Date: Fri, 1 May 2026 16:11:48 -0400
From: Mark Johnston
To: Oliver Pinter
Cc: "src-committers@freebsd.org", "dev-commits-src-all@freebsd.org", "dev-commits-src-main@freebsd.org", Mariusz Zaborski
Subject: Re: git: f5ea3dce2cbe - main - libnv: switch fd_wait() from select(2) to poll(2)

On Fri, May 01, 2026 at 09:11:17AM +0100, Oliver Pinter wrote:
> On Wednesday, April 29, 2026, Mark Johnston wrote:
>
> > The branch main has been updated by markj:
> >
> > URL: https://cgit.FreeBSD.org/src/commit/?id=f5ea3dce2cbe1ee2068c5e5c11bb066f5789685b
> >
> > commit f5ea3dce2cbe1ee2068c5e5c11bb066f5789685b
> > Author: Mariusz Zaborski
> > AuthorDate: 2026-04-28 14:35:10 +0000
> > Commit: Mark Johnston
> > CommitDate: 2026-04-29 14:39:28 +0000
> >
> >     libnv: switch fd_wait() from select(2) to poll(2)
> >
> >     The previous implementation used FD_SET() on a stack-allocated fd_set,
> >     which is an out-of-bounds write whenever the socket fd is >= FD_SETSIZE
> >     (1024).
> >
>
> This problem seems like a more generic problem, after looking into
> sys/select.h
>
> What about adding a check for the FD_SET about the variable is on the stack
> or not? And enforce the FD_SETSIZE limit almost the same way as it is
> already done with fortify source.

FORTIFY_SOURCE would automatically detect the addition of out-of-bounds
fds, so as a mitigation I would like to propose enabling it by default.

>
> Maybe the https://lists.llvm.org/pipermail/llvm-dev/2013-October/066294.html can
> be used (or abused) to implement this check.
>
> Feel free to correct me, if I'm wrong.
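
An added example, not the libnv code and not from anyone in this thread: the two ways of closing the hole the quoted commit message describes, an explicit FD_SETSIZE check in front of FD_SET() and a poll(2)-based wait that has no descriptor ceiling. The names wait_select_checked and wait_poll and the timeout parameter are hypothetical.

```c
#include <errno.h>
#include <poll.h>
#include <stdbool.h>
#include <stdio.h>
#include <sys/select.h>
#include <unistd.h>

/* Hypothetical helper: select(2)-based wait that rejects descriptors an
 * fd_set cannot represent, instead of letting FD_SET() write past it. */
static int
wait_select_checked(int fd, bool doread, int timeout_ms)
{
	fd_set fds;
	struct timeval tv = { .tv_sec = timeout_ms / 1000,
	    .tv_usec = (timeout_ms % 1000) * 1000 };

	if (fd < 0 || fd >= FD_SETSIZE) {
		errno = EINVAL;	/* FD_SET(fd, &fds) would be out of bounds */
		return (-1);
	}
	FD_ZERO(&fds);
	FD_SET(fd, &fds);
	return (select(fd + 1, doread ? &fds : NULL, doread ? NULL : &fds,
	    NULL, &tv));
}

/* Hypothetical helper: poll(2)-based wait. struct pollfd carries the fd as
 * a plain int, so there is no bitmap to overrun and no FD_SETSIZE limit. */
static int
wait_poll(int fd, bool doread, int timeout_ms)
{
	struct pollfd pfd = { .fd = fd, .events = doread ? POLLIN : POLLOUT };
	int n = poll(&pfd, 1, timeout_ms);

	if (n > 0 && (pfd.revents & POLLNVAL) != 0) {
		errno = EBADF;	/* descriptor is not open */
		return (-1);
	}
	return (n);
}

int
main(void)
{
	int p[2];	/* constructed sample input: a pipe with one byte queued */

	if (pipe(p) != 0 || write(p[1], "x", 1) != 1)
		return (1);
	printf("select fd=%d -> %d, poll fd=%d -> %d\n", FD_SETSIZE,
	    wait_select_checked(FD_SETSIZE, true, 0), p[0],
	    wait_poll(p[0], true, 0));
	return (0);
}
```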