From 888a62e2c81370ab32e9bc790f12419148bd8972 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Fri, 4 Nov 2016 09:44:04 +0100
Subject: swrap: Add sanity check in socket_wrapper_max_sockets()

CID 153962

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
---
 src/socket_wrapper.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/socket_wrapper.c b/src/socket_wrapper.c
index ece5a10..186b696 100644
--- a/src/socket_wrapper.c
+++ b/src/socket_wrapper.c
@@ -259,6 +259,8 @@ do { \
  */
 #define SOCKET_WRAPPER_MAX_SOCKETS_DEFAULT 65535
 
+#define SOCKET_WRAPPER_MAX_SOCKETS_LIMIT 256000
+
 /* This limit is to avoid broadcast sendto() needing to stat too many
  * files.  It may be raised (with a performance cost) to up to 254
  * without changing the format above */
@@ -1141,6 +1143,11 @@ static size_t socket_wrapper_max_sockets(void)
 	if (s == endp) {
 		goto done;
 	}
+	if (tmp == 0 || tmp > SOCKET_WRAPPER_MAX_SOCKETS_LIMIT) {
+		SWRAP_LOG(SWRAP_LOG_ERROR,
+			  "Invalid number of sockets specified, using default.");
+		goto done;
+	}
 
 	max_sockets = tmp;
 
-- 
cgit