From cb72110db2d80e522c199bde20d5c0857c0620fd Mon Sep 17 00:00:00 2001
From: Jason Rumney <jasonr@gnu.org>
Date: Wed, 27 Aug 2003 22:57:54 +0000
Subject: [PATCH] (sys_pipe): Protect against file descriptor overflow.

---
 src/w32.c | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/src/w32.c b/src/w32.c
index 744cc593133..f9739999478 100644
--- a/src/w32.c
+++ b/src/w32.c
@@ -3450,11 +3450,22 @@ sys_pipe (int * phandles)
 
   if (rc == 0)
     {
-      flags = FILE_PIPE | FILE_READ | FILE_BINARY;
-      fd_info[phandles[0]].flags = flags;
+      /* Protect against overflow, since Windows can open more handles than
+	 our fd_info array has room for.  */
+      if (phandles[0] >= MAXDESC || phandles[1] >= MAXDESC)
+	{
+	  _close (phandles[0]);
+	  _close (phandles[1]);
+	  rc = -1;
+	}
+      else
+	{
+	  flags = FILE_PIPE | FILE_READ | FILE_BINARY;
+	  fd_info[phandles[0]].flags = flags;
 
-      flags = FILE_PIPE | FILE_WRITE | FILE_BINARY;
-      fd_info[phandles[1]].flags = flags;
+	  flags = FILE_PIPE | FILE_WRITE | FILE_BINARY;
+	  fd_info[phandles[1]].flags = flags;
+	}
     }
 
   return rc;
-- 
2.39.2