Hello Chicken users, Recently a buffer overrun error was discovered in Chicken's thread scheduler. This buffer overrun is triggered on UNIX-like OSes when a file descriptor with an integer value higher than FD_SETSIZE gets opened due to the way the POSIX select() function is currently being used.
Every Chicken program which accepts a potentially unlimited number of incoming network connections or otherwise opens an unlimited number of file descriptors is potentially vulnerable to an application crash. Currently a patch is being developed. In the meanwhile an effective workaround is to limit the maximum number of open descriptors using the Unix "ulimit -n" command. Please verify the maximum number of descriptors supported safely by Chicken by compiling following one-line program using csc and then running the resulting binary: (print (foreign-value "FD_SETSIZE" int)) Simply ensure that the programs you want to protect run under a maximum number of open files ulimit that matches this number (or lower). lease note that this bug also affects people using the "high-load-scheduler" egg, which provides an alternative scheduler implementation. On Windows, there is no buffer overrun danger, but there is a potential problem of threads never waking up; there is currently no known workaround for this. References ---------- https://lists.ubuntu.com/archives/ubuntu-devel/2010-September/031446.html http://sourceware.org/bugzilla/show_bug.cgi?id=10352 http://pubs.opengroup.org/onlinepubs/007908799/xsh/poll.html http://netbsd.gw.com/cgi-bin/man-cgi?select++NetBSD-current Kind regards, The Chicken team _______________________________________________ Chicken-users mailing list Chicken-users@nongnu.org https://lists.nongnu.org/mailman/listinfo/chicken-users
