kc3-lang/libevent

• Browse

  Commit

• Author : Nick Mathewson
  Date : 2015-01-05 08:42:32
  Hash : 20d6d445
  Message : Fix CVE-2014-6272 in Libevent 2.0 For this fix, we need to make sure that passing too-large inputs to the evbuffer functions can't make us do bad things with the heap. Also, lower the maximum chunk size to the lower of off_t, size_t maximum. This is necessary since otherwise we could get into an infinite loop if we make a chunk that 'misalign' cannot index into.