DEBUG: fd: make sure we never try to insert/delete an impossible FD number

It's among the cases that would provoke memory corruption, let's add
some tests against negative FDs and those larger than the table. This
must never ever happen and would currently result in silent corruption
or a crash. Better have a noticeable one exhibiting the call chain if
that were to happen.
Willy Tarreau 2022-01-31 20:05:02 +01:00
parent 5ea9fa62e2
commit 9aa324de2d
2 changed files with 10 additions and 0 deletions


@ -319,6 +319,11 @@ static inline void fd_insert(int fd, void *owner, void (*iocb)(int fd), unsigned
{
extern void sock_conn_iocb(int);
/* This must never happen and would definitely indicate a bug, in
* addition to overwriting some unexpected memory areas.
*/
BUG_ON(fd < 0 || fd >= global.maxsock);
fdtab[fd].owner = owner;
fdtab[fd].iocb = iocb;
fdtab[fd].state = 0;
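Review bot: The comment above the BUG_ON in fd_insert() says what goes wrong but not why global.maxsock is the right upper bound. If global.maxsock is the number of entries in fdtab, say so in the comment so the check stays visibly tied to the table size. The condition `fd < 0 || fd >= global.maxsock` is also repeated verbatim in fd_delete(); a small shared macro or inline helper would keep the two sites from drifting apart.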


@ -336,6 +336,11 @@ void _fd_delete_orphan(int fd)
*/
void fd_delete(int fd)
{
/* This must never happen and would definitely indicate a bug, in
* addition to overwriting some unexpected memory areas.
*/
BUG_ON(fd < 0 || fd >= global.maxsock);
/* we must postpone removal of an FD that may currently be in use
* by another thread. This can happen in the following two situations:
* - after a takeover, the owning thread closes the connection but
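Review bot: The range check is added at the top of fd_delete() only, while _fd_delete_orphan(int fd), named in this hunk's header, also takes an fd and gets no check in this change. If _fd_delete_orphan() can be reached by any path other than through fd_delete(), the same BUG_ON belongs there too; if it cannot, a one-line comment saying that callers are expected to have validated fd would document the assumption.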