The documentation says that SOCKET_ERROR is returned and the error is set to WSAEFAULT if any of the input pointers point to unmapped memory. Signed-off-by: Torge Matthies <openglfreak(a)googlemail.com> --- dlls/ws2_32/socket.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/dlls/ws2_32/socket.c b/dlls/ws2_32/socket.c index b3dab22ae6e..1238f34aa1c 100644 --- a/dlls/ws2_32/socket.c +++ b/dlls/ws2_32/socket.c @@ -2384,6 +2384,15 @@ int WINAPI select( int count, fd_set *read_ptr, fd_set *write_ptr, TRACE( "read %p, write %p, except %p, timeout %p\n", read_ptr, write_ptr, except_ptr, timeout ); + if ((read_ptr && IsBadWritePtr(read_ptr, sizeof(*read_ptr))) + || (write_ptr && IsBadWritePtr(write_ptr, sizeof(*write_ptr))) + || (except_ptr && IsBadWritePtr(except_ptr, sizeof(*except_ptr))) + || (timeout && IsBadReadPtr(timeout, sizeof(*timeout)))) + { + SetLastError( WSAEFAULT ); + return -1; + } + FD_ZERO( &read ); FD_ZERO( &write ); FD_ZERO( &except ); -- 2.33.1