/*
 * Based on test by Dr. David Alan Gilbert <dave@treblig.org>
 */
#include <assert.h>
#include <errno.h>
#include <unistd.h>
#include <sys/select.h>
/*
 * Backing store for every fd_set pointer handed to select() in this test:
 * 16 MiB of fd_set objects with static storage (so zero-initialised).
 * The out-of-range nfds cases in main() need the pointer to refer to a
 * large chunk of valid memory, so one fd_set is not enough.
 */
enum { SET_REGION_BYTES = 0x1000000 };
static fd_set set[SET_REGION_BYTES / sizeof(fd_set)];
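/*
 * Regression test for select() validation of its nfds argument.
 *
 * Descriptors 0 and 1 are closed so that the pipe created next takes their
 * place, then select() is called three times: once with sane arguments,
 * once with a negative nfds, and once with nfds above FD_SETSIZE.
 *
 * Every system call is made outside assert() and only its result is
 * asserted, so the calls still run when the file is built with NDEBUG
 * (the checks themselves are then compiled out).
 *
 * Returns 0 when every check passes; a failed assert() aborts the process.
 */
int main(void)
{
	int fds[2];
	struct timeval timeout = { .tv_sec = 0, .tv_usec = 100 };
	int rc;

	(void) close(0);
	(void) close(1);
	rc = pipe(fds);
	assert(rc == 0);
	/*
	 * pipe() returns the lowest free descriptors; the FD_SET() calls
	 * below hard-code 0 and 1, so make that dependency explicit.
	 */
	assert(fds[0] == 0 && fds[1] == 1);

	/*
	 * Start with a nice simple select. The same fd_set is passed as the
	 * read, write and except set; exactly one ready descriptor is
	 * expected (presumably the pipe's write end).
	 */
	FD_ZERO(set);
	FD_SET(0, set);
	FD_SET(1, set);
	rc = select(2, set, set, set, NULL);
	assert(rc == 1);

	/*
	 * Now the crash case that trinity found, negative nfds
	 * but with a pointer to a large chunk of valid memory.
	 * The call must be rejected, and rejected for the right reason:
	 * POSIX specifies EINVAL for a negative nfds.
	 */
	FD_ZERO(set);
	FD_SET(1, set);
	rc = select(-1, NULL, set, NULL, NULL);
	assert(rc == -1);
	assert(errno == EINVAL);

	/*
	 * Another variant, with nfds exceeding FD_SETSIZE limit. The sets
	 * point into the large static array, so bits past the first fd_set
	 * are still backed by valid memory. The 100 microsecond timeout
	 * bounds the call; 0 means it timed out with nothing ready.
	 * NOTE(review): POSIX also allows EINVAL for nfds > FD_SETSIZE;
	 * this assertion encodes the behaviour of the platform under test.
	 */
	FD_ZERO(set);
	FD_SET(0, set);
	rc = select(FD_SETSIZE + 1, set, set + 1, NULL, &timeout);
	assert(rc == 0);

	return 0;
}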