From fd00158772ce60d8a4bf4b40468dabaf8730f6b3 Mon Sep 17 00:00:00 2001
From: "alexei.volkov.bugs%sun.com" <alexei.volkov.bugs%sun.com>
Date: Thu, 7 Sep 2006 23:33:39 +0000
Subject: [PATCH] 351470: setuid root programs linked with NSPR allow elevation
 of privilege. r=nelson, sr=wtc

---
 nsprpub/pr/src/io/prfdcach.c | 8 ++++++++
 nsprpub/pr/src/misc/pratom.c | 2 ++
 2 files changed, 10 insertions(+)

diff --git a/nsprpub/pr/src/io/prfdcach.c b/nsprpub/pr/src/io/prfdcach.c
index aea19dff47d..d1277fcd2f2 100644
--- a/nsprpub/pr/src/io/prfdcach.c
+++ b/nsprpub/pr/src/io/prfdcach.c
@@ -277,6 +277,14 @@ void _PR_InitFdCache(void)
     if (NULL != low) _pr_fd_cache.limit_low = atoi(low);
     if (NULL != high) _pr_fd_cache.limit_high = atoi(high);
 
+    if (_pr_fd_cache.limit_low < 0)
+        _pr_fd_cache.limit_low = 0;
+    if (_pr_fd_cache.limit_low > FD_SETSIZE)
+        _pr_fd_cache.limit_low = FD_SETSIZE;
+
+    if (_pr_fd_cache.limit_high > FD_SETSIZE)
+        _pr_fd_cache.limit_high = FD_SETSIZE;
+
     if (_pr_fd_cache.limit_high < _pr_fd_cache.limit_low)
         _pr_fd_cache.limit_high = _pr_fd_cache.limit_low;
 
diff --git a/nsprpub/pr/src/misc/pratom.c b/nsprpub/pr/src/misc/pratom.c
index 24028e56bda..35b86c0dbcd 100644
--- a/nsprpub/pr/src/misc/pratom.c
+++ b/nsprpub/pr/src/misc/pratom.c
@@ -120,6 +120,8 @@ int index;
 
 		if (num_atomic_locks > MAX_ATOMIC_LOCKS)
 			num_atomic_locks = MAX_ATOMIC_LOCKS;
+		else if (num_atomic_locks < 1) 
+			num_atomic_locks = 1;
 		else {
 			num_atomic_locks = PR_FloorLog2(num_atomic_locks);
 			num_atomic_locks = 1L << num_atomic_locks;