Too many open file descriptors fix

Introduction

Daniel Lucq found a problem with socat and contributed a solution in the form of a patch.

Message of the contributor

socat seems to run into problems when it's started while many file descriptors are already open (happened during a specific situation in a penetration test), in the sense that it just doesn't forward data between the two connections.

The problem seems to be in socat.c, where FOPEN_MAX is used hard-coded in the Select() invocations. If many file descriptors are already opened when socat is started, things opened by socat (files, sockets, etc.) may have file descriptors larger than FOPEN_MAX ... (apart from that, for a really large number of files, file descriptor numbers might even be larger than the fixed maximum size of fd_set, which would lead to out-of-array accesses by the FD_SET functions, I guess)

I've attached a small (very quick & dirty) patch which fixes this by dynamically allocating fd_set in/out/expt based upon the file descriptor numbers. I've tested this patch on OpenBSD 3.9/i386, FreeBSD 4.11/i386 and Fedora Core 5/i386, and things seem to work out, but I suppose more testing is needed (and there might be portability issues as well).

Requisites

Apply this patch to the socat 1.6.0.0 source.

Download

This patch is an extension of Daniel's original contribution. It adds two tests of the specific situation and, as a prerequisite for these tests, makes procan print information about FD_SETSIZE and FOPEN_MAX.

socat-maxfds.patch.gz

Status

A simpler fix that solves most situations is included in socat 1.6.0.1. For later versions, the intent is to replace the select() call with poll(), which would avoid any such problems.
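
The two approaches named above, as an added example that is not taken from socat or from the patch: a select() wait that checks the descriptor against FD_SETSIZE and passes fd + 1 as nfds, next to a poll() wait that has no such limit. The function names are hypothetical, and main() constructs its own pipe as sample input.

```c
/* Added example (not socat source): waiting on one descriptor safely. */
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <sys/select.h>
#include <unistd.h>

/* select() variant: nfds is fd + 1 rather than a constant such as FOPEN_MAX,
 * and a descriptor that does not fit in fd_set is refused before FD_SET
 * could write outside the set. Returns 1 readable, 0 timeout, -1 error. */
int wait_readable_select(int fd, int timeout_ms)
{
    if (fd < 0 || fd >= FD_SETSIZE) {
        errno = EINVAL;
        return -1;
    }
    fd_set in;
    FD_ZERO(&in);
    FD_SET(fd, &in);
    struct timeval tv = { .tv_sec = timeout_ms / 1000,
                          .tv_usec = (timeout_ms % 1000) * 1000 };
    int n = select(fd + 1, &in, NULL, NULL, &tv);
    return n < 0 ? -1 : (n > 0 && FD_ISSET(fd, &in));
}

/* poll() variant: no fd_set, so the descriptor number has no upper bound. */
int wait_readable_poll(int fd, int timeout_ms)
{
    struct pollfd p = { .fd = fd, .events = POLLIN };
    int n = poll(&p, 1, timeout_ms);
    if (n > 0 && (p.revents & POLLNVAL)) {
        errno = EBADF;
        return -1;
    }
    return n < 0 ? -1 : (n > 0 && (p.revents & (POLLIN | POLLHUP)) != 0);
}

int main(void)
{
    int p[2];
    if (pipe(p) != 0 || write(p[1], "x", 1) != 1)
        return 1;
    /* Constructed situation: move the read end above FD_SETSIZE. This only
     * succeeds when RLIMIT_NOFILE allows descriptors that high. */
    int hi = fcntl(p[0], F_DUPFD, FD_SETSIZE);
    int fd = hi >= 0 ? hi : p[0];
    printf("fd=%d select=%d poll=%d\n", fd,
           wait_readable_select(fd, 100), wait_readable_poll(fd, 100));
    return 0;
}
```

When the descriptor limit lets the duplicate land above FD_SETSIZE, the select() variant reports -1 (EINVAL) and the poll() variant reports 1 for the same pipe.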