kmx git

Commit	Date	Message
5fbc00a3	2024-05-23T14:53:13	event_warn mmap format
9e89a407	2024-05-24T05:33:13	Fix Windows format warning in newer Visual Studio
525f5d0a	2024-05-10T20:00:37	ci: Switch `lukka/run-vcpkg` back to v7 Newer versions expect a vcpkg manifest.
ab338ab1	2024-05-20T09:19:28	ci: fix typo in matrix
7a9458c0	2024-05-20T17:17:45	Don't try to set SO_REUSEADDR and SO_REUSEPORT on Unix sockets (#1625)
66ee086b	2024-05-06T23:32:00	Fix conversion loses precision ssize_t to int in evthread_notify_base_default()
7afbdcf2	2024-05-06T23:31:27	Ensure that event had been removed in event_process_active_single_queue() It should not be possible, since only EVLIST_ACTIVE should be triggered from event_process_active_single_queue, but adding assert will not hurt.
8976100a	2024-05-17T17:06:49	unix: fail the operation when SO_REUSEPORT has no load balancing --------- Signed-off-by: Andy Pan <i@andypan.me>
832f5269	2024-05-17T16:54:22	aix: enable SO_REUSEPORT on AIX AIX 7.2.5 added the feature that would add the capability to distribute incoming connections across all listening ports. https://www.ibm.com/support/pages/how-get-better-listening-performance-multiple-listening-sockets-using-same-port-number-soreuseport --------- Signed-off-by: Andy Pan <i@andypan.me>
a41453ab	2024-05-09T17:34:15	Eliminate the redundant ev_uint64_t for eventfd --------- Signed-off-by: Andy Pan <i@andypan.me>
fc9bfd21	2024-05-07T22:15:40	Merge pull request #1649 from azat/be/BSD-connect-failures Fix tests failures due to incorrect handling of ECONNREFUSED on BSD
6d125f54	2024-05-06T15:28:48	Fix evbuffer_file_segment_new 64-bit support on Win32 (#1637) This fixes the problematic #define fstat _fstat which would only support files up to 2 GB. Also refactored it as evutil_fd_filesize to avoid exposing stat when not necessary.
af31823f	2024-05-05T16:43:23	Fix potential Null pointer dereference in bufferevent_openssl.c
3f7c1cba	2024-05-05T21:03:21	be: add a comment for handling ECONNREFUSED in bufferevent_readcb() Fixes: 3189eb000b6d8751223061930a019f85c284f985 ("be_sock: handle readv() returns ECONNREFUSED (freebsd 9.2)")
85a0ec9b	2024-05-06T08:50:36	be: make the code in bufferevent_socket_connect() more reliable There is one icky in case for windows: if (sa) { #ifdef _WIN32 if (bufferevent_async_can_connect_(bev)) { bufferevent_setfd(bev, fd); r = bufferevent_async_connect_(bev, fd, sa, socklen); if (r < 0) goto freesock; bufev_p->connecting = 1; result = 0; goto done; - } else + } else { #endif r = evutil_socket_connect_(&fd, sa, socklen); if (r < 0) // Previosly this line was executed // regardless of bufferevent_async_can_connect_(), but the case under // bufferevent_async_can_connect_() always does goto, so it is 100% the // same code, but just to make it more cleaner goto freesock; +#ifdef _WIN32 + } +#endif }
3201009b	2024-05-06T08:38:53	Revert "Remove dead code from bufferevent_socket_connect" That wasn't the dead code, since the `r` could be `2` in case of `ECONNREFUSED`, and it should trigger errorcb not the writecb. This is actually questionable should be call errorcb at all in case of connect() returns an error immediately, but I guess the reason was to make it compatible with others, ECONNREFUSED can be returned only for specific cases and only on BSD (AFAIK). While for instance EHOSTUNREACH is not. And after this change now all tests are passed on FreeBSD. Well, sometimes few tests fails due to timing issues, but in general looks good. Since even all tests in parallel passed: $ rm -f /tmp/libevent*log; bin/regress --list-tests \| awk '/^ / { print $1 }' \| xargs -I{} -P100 bash -c 'n={}; bin/regress --no-fork --verbose $n \|& tee /tmp/libevent-test-${n//\//_}.log' \|& grep -F ' [FAILED' \|& tee /tmp/libevent-tests.log And having green CI is crucial for libevent, not only because it is a rule of thumb for all projects, but also because in case of failures it will retry on and on, which will cause CI stuck. Fixes: bufferevent/bufferevent_connect_fail Fixes: bufferevent/bufferevent_connect_fail_eventcb Fixes: bufferevent/bufferevent_connect_fail_eventcb_defer This reverts commit 56e121310954cbee2310c5eb2a3000115186563d. Refs: https://github.com/libevent/libevent/pull/1100
c6a74ee0	2024-05-06T09:13:15	Merge branch 'test/fixes' -- more small fixes * test/fixes: test: mark http/timeout_read_server as retriable test: reset some static vars to avoid affecting other tests test: fix printing number of retries for FAILED message test: add debugging for bufferevent/bufferevent_connect_fail_eventcb* test: suppress logging for buffer/add_file_leak1
0f51ba66	2024-05-06T09:10:15	test: mark http/timeout_read_server as retriable
ba97d947	2024-05-05T21:35:46	test: reset some static vars to avoid affecting other tests
479b5ed6	2024-05-05T21:30:01	test: fix printing number of retries for FAILED message
d538f41f	2024-05-05T21:12:14	test: add debugging for bufferevent/bufferevent_connect_fail_eventcb*
2d4d1747	2024-05-05T22:15:56	test: suppress logging for buffer/add_file_leak1 Warnings from this test should be ignored: [warn] evbuffer_file_segment_materialize: mmap(5, 0, 0) failed: Invalid argument
6bb41ed0	2024-05-05T20:22:43	Merge branch 'test/fix-reports' * test/fix-reports: test: add proper message in case of test failure test: fix RETRYING message (add missing group prefix)
93a76aa2	2024-05-05T20:20:27	test: add proper message in case of test failure Right now it is impossible to understand what had been failed, but after: $ regress thread/conditions_simple thread/conditions_simple: [forking] FAIL /src/le/libevent/test/regress_thread.c:385: assert(n_signal == 0): 1 vs 0 [RETRYING thread/conditions_simple (attempts left 2, delay 1 sec)] thread/conditions_simple: [forking] FAIL /src/le/libevent/test/regress_thread.c:385: assert(n_signal == 0): 1 vs 0 [RETRYING thread/conditions_simple (attempts left 1, delay 1 sec)] thread/conditions_simple: [forking] FAIL /src/le/libevent/test/regress_thread.c:385: assert(n_signal == 0): 1 vs 0 [RETRYING thread/conditions_simple (attempts left 0, delay 1 sec)] thread/conditions_simple: [forking] FAIL /src/le/libevent/test/regress_thread.c:385: assert(n_signal == 0): 1 vs 0 [conditions_simple FAILED] [FAILED thread/conditions_simple (attempts made -1)] 1/1 TESTS FAILED. (0 skipped)
d5745413	2024-05-05T20:15:22	test: fix RETRYING message (add missing group prefix) Before: $ regress thread/conditions_simple thread/conditions_simple: [forking] FAIL /src/le/libevent/test/regress_thread.c:385: assert(n_signal == 0): 1 vs 0 [RETRYING conditions_simple (attempts left 2, delay 1 sec)] After: $ regress thread/conditions_simple thread/conditions_simple: [forking] FAIL /src/le/libevent/test/regress_thread.c:385: assert(n_signal == 0): 1 vs 0 [RETRYING thread/conditions_simple (attempts left 2, delay 1 sec)]
5d45f4d9	2024-05-04T18:25:17	Simplifying apple-cmake-job
ccf4c74d	2024-05-04T12:40:36	Add ChangeLog-2.1/ChangeLog (aka 2.2) into dist package
d241fcab	2024-05-04T20:33:18	Add Privacy Manifest for App Store submissions Doc: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api From the API list, the libevent library only uses: - mach_absolute_time, but that one is avoided with HAVE_POSIX_MONOTONIC (default) instead of HAVE_MACH_MONOTONIC - fstat and stat in evbuffer_file_segment_new, which is covered by third-party SDK usage (0A2A.1) - fstat and stat in evutil_read_file_, which is used to read the "/etc/resolv.conf" and "/etc/hosts" files, for which there are no available supporting reasons
7ede5af6	2024-05-04T18:04:14	Updating deprecated GitHub actions (#1629) * Updating deprecated GitHub actions * code review: use commit hash for actions
ac96656c	2024-05-01T14:33:53	Bump github/codeql-action in the github-actions group Bumps the github-actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action). Updates `github/codeql-action` from 3.24.10 to 3.25.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/4355270be187e1b672a7a1c7c7bae5afdc1ab94a...d39d31e687223d841ef683f52467bd88e9b21c14) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
534da76d	2024-05-04T12:48:57	Merge pull request #1641 from Coeur/coeur/apple-cmake-job Adding apple-cmake-job for an iOS/tvOS/visionOS/watchOS build
f516e399	2024-05-04T17:42:26	Fix brew path on Apple Silicon (#1633) * Fix brew path on Apple Silicon * code review: `brew --prefix openssl` * code review: correct mbedtls path * code review: cmake does support autodetection of OPENSSL_ROOT_DIR
3c744cee	2024-05-01T14:55:29	fix linux retrying cmake
0428771a	2024-05-01T23:17:54	Remove redundant condition in function:event_base_once
71108830	2024-05-02T13:16:04	using xcode-version: latest-stable for xros support
b7fb04e8	2024-05-02T12:57:55	Adding apple-cmake-job for an iOS/tvOS/watchOS build
eec47a67	2024-04-30T15:59:58	Fix typos (#1634)
64decd48	2024-04-29T13:51:22	Fix potential Null pointer dereference in dns-example.c (#1601)
a584efaa	2024-04-22T14:47:34	Fix potential Null pointer dereference in time-test.c
aef201a9	2024-04-29T13:35:33	Change ident for EVFILT_USER to 0 and add a test (#1582) Conventionally, ident for EVFILT_USER is set to 0 to avoid collision of file descriptors, which is what other renowned networking frameworks like netty(java), mio(rust), gnet(go), swift-nio(swift), etc. do currently. Co-authored-by: Azat Khuzhin <azat@libevent.org>
cbbf209c	2024-04-29T13:31:34	Support SO_REUSEPORT on FreeBSD, DragonFly and Solaris (#1624) ## References - [The SO_REUSEPORT socket option on Linux](https://lwn.net/Articles/542629/) - [DragonFly Release 3.6](https://www.dragonflybsd.org/release36/) - [FreeBSD 12.0-RELEASE Release Notes](https://www.freebsd.org/releases/12.0R/relnotes/) - [SO_REUSEPORT on Solaris 11.4](https://docs.oracle.com/cd/E88353_01/html/E37843/setsockopt-3c.html) Co-authored-by: Azat Khuzhin <azat@libevent.org>
a9426941	2024-04-28T13:16:54	Fix CMake Deprecation Warning
73c0349e	2024-04-29T13:16:58	Fix evutil_parse_sockaddr_port documentation (#1628) In some IDE like Xcode, the list is interpreted as markdown instead of plain text
71d41cdf	2024-04-22T06:39:35	build: Add `Iphlpapi` to `Libs.private` in `*.pc` files on Windows It has been required since https://github.com/libevent/libevent/pull/923 at least for the `if_nametoindex` call.
1e6c0e72	2024-04-12T21:36:38	Do not set TCP keepalive on Unix sockets This commit disables the property of TCP keepalive on Unix domain sockets, because they essentially serve no purpose here, except for causing problems on Windows and macOS systems. Fixes #1615
147298a2	2024-04-24T11:14:47	Fix some comments Signed-off-by: dockercui <dockercui@aliyun.com>
6074d558	2024-04-17T10:36:47	Avoid calling read(2) on eventfd on each event-loop wakeup Register the eventfd with EPOLLET to enable edge-triggered notification where we don't need to read the data from the eventfd for every wakeup event. When the eventfd counter reaches the maximum value of the unsigned 64-bit, we rewind the counter and retry again. This optimization saves one system call on each event-loop wakeup, which eliminates the extra latency for epoll as the EVFILT_USER filter does for the kqueue.
e0a4574b	2024-04-15T07:41:48	Bump the github-actions group with 5 updates Bumps the github-actions group with 5 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/cache](https://github.com/actions/cache) \| `3` \| `4` \| \| [nick-fields/retry](https://github.com/nick-fields/retry) \| `2` \| `3` \| \| [coverallsapp/github-action](https://github.com/coverallsapp/github-action) \| `1.2.5` \| `2.2.3` \| \| [ossf/scorecard-action](https://github.com/ossf/scorecard-action) \| `2.1.2` \| `2.3.1` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `2.2.4` \| `3.24.10` \| Updates `actions/cache` from 3 to 4 - [Release notes](https://github.com/actions/cache/releases) - [Commits](https://github.com/actions/cache/compare/v3...v4) Updates `nick-fields/retry` from 2 to 3 - [Release notes](https://github.com/nick-fields/retry/releases) - [Changelog](https://github.com/nick-fields/retry/blob/master/.releaserc.js) - [Commits](https://github.com/nick-fields/retry/compare/v2...v3) Updates `coverallsapp/github-action` from 1.2.5 to 2.2.3 - [Release notes](https://github.com/coverallsapp/github-action/releases) - [Upgrade guide](https://github.com/coverallsapp/github-action/blob/main/UPGRADE.md) - [Commits](https://github.com/coverallsapp/github-action/compare/09b709cf6a16e30b0808ba050c7a6e8a5ef13f8d...3dfc5567390f6fa9267c0ee9c251e4c8c3f18949) Updates `ossf/scorecard-action` from 2.1.2 to 2.3.1 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/e38b1902ae4f44df626f11ba0734b14fb91f8f86...0864cf19026789058feabb7e87baa5f140aac736) Updates `github/codeql-action` from 2.2.4 to 3.24.10 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/17573ee1cc1b9d061760f3a006fc4aac4f944fd5...4355270be187e1b672a7a1c7c7bae5afdc1ab94a) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: nick-fields/retry dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: coverallsapp/github-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
80e25c02	2024-04-09T11:57:42	Enable dependabot for github actions
a4ec4cbe	2024-04-09T11:55:37	Hashpin workflows that use sensitive permisisons
9de85b58	2024-04-05T20:42:37	fix WSOptions enum value and extended payload length bug
6e390911	2024-04-10T17:42:01	Fix potential Null pointer dereference in regress_buffer.c
74217832	2024-04-10T15:47:57	Fix potential Null pointer dereference in regress.c
d6e88352	2024-04-10T17:45:03	Fix potential Null pointer dereference in regress_et.c
d45dca43	2024-04-10T17:39:36	Fix potential Null pointer dereference in regress_thread.c
2bdf1737	2024-04-10T16:18:27	Fix potential Null pointer dereference in regress_finalize.c
17796a2d	2024-04-10T15:32:54	Fix potential Null pointer dereference in regress_http.c
f9526e13	2024-04-10T15:16:21	Fix potential NULL pointer dereference in regress_bufferevent.c
fc48803d	2024-04-15T15:02:27	Fix potential Null pointer dereference in regress_zlib.c (#1597) Co-authored-by: Azat Khuzhin <a3at.mail@gmail.com>
c6e8f175	2024-04-07T19:37:55	Edit logo path to match new website directory
39073df8	2024-03-30T21:44:50	evutil: don't call memset before memcpy In `evutil_parse_sockaddr_port`, it would `memset` the `out` to zero, however, the `memset` is unnecessary before `memcpy`, and may cause undefined behavior if the `outlen` is invalid. This should close #1573.
4fd07f0e	2024-03-12T21:56:35	Upgrade vmactions to use linux runners (#1570) Co-authored-by: neil <neilgit@neilpang.com>
539f73e3	2024-02-20T09:30:22	Fix leak in evbuffer_add_file() on empty files Found by oss-fuzz, after coverage had been improved in google/oss-fuzz#11257 v2: adjust test v3: fix for windows (_get_osfhandle() crashes when called on closed fd) v4: fix for EVENT__DISABLE_MM_REPLACEMENT
b9e1fe74	2024-03-11T21:00:18	ci: disable netbsd and freebsd due to lack of runners For example for openbsd-cmake-job (7.2, NONE) This request was automatically failed because there were no enabled runners online to process the request for more than 1 days. And maybe this will fix the macos builds.
0054b9aa	2024-03-11T17:12:14	Enable the full TCP KeepAlive mechanism on Windows (#1568) #1532 implemented the full support of TCP Keep-Alives on UNIX-like OS's while leaving a `TODO` for Windows. This PR intends to resolve that `TODO`. ## References - [SIO_KEEPALIVE_VALS Control Code](https://learn.microsoft.com/en-us/windows/win32/winsock/sio-keepalive-vals) - [IPPROTO_TCP socket options](https://learn.microsoft.com/en-us/windows/win32/winsock/ipproto-tcp-socket-options) - [TCP_KEEPINVTL and TCP_KEEPIDLE - Socket Keep Alives not working](https://cygwin.com/pipermail/cygwin/2020-June/245436.html) - [Cygwin: tcp: Support TCP_KEEPIDLE, TCP_KEEPCNT, TCP_KEEPINTVL](https://sourceware.org/pipermail/cygwin-cvs/2020q3/014473.html) - [Add cross-platform support for keep-alive socket options](https://github.com/dotnet/corefx/pull/29963/files)
9c8860ec	2024-03-11T15:50:43	chore: remove repetitive words Signed-off-by: tgolang <seekseat@aliyun.com>
e66df92c	2024-03-07T16:19:11	Accept SOCK_NONBLOCK/SOCK_CLOEXEC in type argument of socketpair (#1567) Setting `SOCK_NONBLOCK` and `SOCK_CLOEXEC` in the `type` argument of `socketpair()` is widely supported across UNIX-like OS: Linux, *BSD, Solaris, etc., as is the `socket()`. This will conserve several extra system calls, we should use it where available. ### References - [socketpair(2) on Linux](https://man7.org/linux/man-pages/man2/socketpair.2.html#HISTORY) - [socketpair(2) on FreeBSD](https://man.freebsd.org/cgi/man.cgi?query=socketpair&sektion=2#DESCRIPTION) - [socketpair(2) on DragonFly](https://man.dragonflybsd.org/?command=socketpair&section=2) - [socketpair(2) on NetBSD](https://man.netbsd.org/socketpair.2#DESCRIPTION) - [socketpair(2) on OpenBSD](https://man.openbsd.org/socketpair.2) - [socketpair(3C) on Solaris](https://docs.oracle.com/cd/E88353_01/html/E37843/socketpair-3c.html) Changelog: - Set SOCK_NONBLOCK and SOCK_CLOEXEC in the type argument of socketpair - Avoid EPROTOTYPE on macOS and OpenBSD - Eliminate the warnings about unused variables - Add some comments
f2b3ce6b	2024-03-03T23:10:48	Merge pull request #1558 from azat/ratelimit-fixes Fix few issues found by oss-fuzz in bufferevent ratelimits
e4b87327	2024-02-20T08:58:04	Fix integer-overflow in ev_token_bucket_cfg_new Found by oss-fuzz, after coverage had been improved in https://github.com/google/oss-fuzz/pull/11257 v2: better check (found by CI for windows)
15e643d0	2024-03-03T14:49:34	Fix pread detection for cmake builds Otherwise it will use lseek()+read() - suboptimal
92109747	2024-03-02T10:45:49	Simplify TCP_KEEPALIVE_ABORT_THRESHOLD settings on Solaris
c4fb0f76	2024-02-20T08:58:04	Fix divide-by-zero in ev_token_bucket_get_tick_ Found by oss-fuzz, after coverage had been improved in https://github.com/google/oss-fuzz/pull/11257
ec8d7a5a	2024-02-20T08:54:14	ci: fix ABI check (#1510)
7eddd526	2024-02-20T07:56:24	Patch abi-compliance-checker to avoid endless loop
798547ac	2024-02-20T07:51:37	Force abi-check to use DWARF 3
e4869625	2024-02-20T08:01:23	Fix abi_check.sh by excluding .abi-check from cp cp: cannot copy a directory, './.abi-check', into itself, '/le/src/.abi-check/work/abi-check/src/libevent/current/.abi-check'
5bdfab76	2024-02-18T21:36:30	Debug abi check
f37c667c	2024-02-18T20:28:49	Add ABI check without deploy for PRs
551df0b2	2023-09-03T08:15:07	ci: try to fix ABI check by using newer version of ubuntu Looks like after upgrading ubuntu from 18.04 (that has 1.9 version of lvc abi tools) to 20.04 (that has 1.11) the abi-check started to timeout (works longer then 6 hours, while usually few minutes, and sometimes even faster was enough). Unlikely upgrading ubuntu will help, since 22.04 and 20.04 has the same version, but still, let's try. Refs: #1463
0dbd3eb3	2024-02-18T16:06:28	tests: add test for EV_SIGNAL with timeout Refs: https://github.com/libevent/libevent-book/issues/12
5cec3417	2024-02-19T08:21:11	Make Infer static analyzer happy (#1554)
ed35b30f	2023-10-23T16:52:19	Fix two compiler errors for unused variable and undefined function In buffer.c a variable "flags" and a label "done" are defined but never used if "EVENT__HAVEMMAP" is not defined. The code does not work on platforms which do not provide the function `socketpair()`. Introduce EVENT__HAVE_SOCKETPAIR flag which determines if `socketpair()` or `evutil_ersatz_socketpair()` is used.
95ed33e3	2024-02-18T22:08:54	Follow up for HTTP chunk size check (#1552)
f9939490	2024-02-18T21:19:41	Fix leak in evconnlistener_new_async() Fixes: https://github.com/libevent/libevent/issues/414
317911a1	2024-02-18T20:39:12	Fix util/monotonic_prc_fallback under FreeBSD Looks like there was garbage, since evutil_configure_monotonic_time_() does not reset evutil_monotonic_timer structure, while in case of fallback it uses two fields from it: - last_time - adjust_monotonic_clock Fixes: https://github.com/libevent/libevent/issues/1495
3cf996f0	2024-02-18T19:53:58	evutil: add a comment why no NULL check in evutil_inet_pton_scope()
5412b2c3	2024-02-18T19:40:00	bufferevent_ssl: fix freeing ctx in case of error in bufferevent_ssl_new_impl
c9793baa	2024-02-18T19:39:50	bufferevent_ssl: proper NULL checks
6e4ea6c3	2024-02-18T19:31:12	evthread: fix NULL dereference in evthread_setup_global_lock_()
2f27523e	2024-02-18T18:22:21	bufferevent_ssl: do not return NULL from upcast /src/le/libevent/bufferevent_ssl.c:863: error: Null Dereference pointer `bev_ssl` last assigned on line 855 could be null and is dereferenced at line 863, column 6. 861. r2 = start_writing(bev_ssl); 862. 863. if (bev_ssl->underlying) { ^ 864. if (events & EV_READ) 865. BEV_RESET_GENERIC_READ_TIMEOUT(bev);
53034936	2024-02-18T18:16:38	bufferevent_filter: do not allow upcast() to return NULL (fixes infer warning) /src/le/libevent/bufferevent_filter.c:234: error: Null Dereference pointer `bevf` last assigned on line 231 could be null and is dereferenced at line 234, column 6. 232. EVUTIL_ASSERT(bevf); 233. 234. if (bevf->bev.options & BEV_OPT_CLOSE_ON_FREE) { ^ 235. /* Yes, there is also a decref in bufferevent_decref_. 236. * That decref corresponds to the incref when we set
d9b5fe31	2024-02-18T18:03:38	evrpc: proper NULL checks (API function return value added) Note, that in order to do this evrpc_hook_add_meta() should have return value, so this is a minor ABI change, which should not affect C ABI, but still worth to mention. Anyway this will be done in 2.2 release and unlikely RPC subsystem is popular.
05ed7c8c	2024-02-18T18:00:57	bufferevent_pair: fix infer warnings due to upcast() return NULL The only user that is care about this is bufferevent_pair_get_partner(), so let's move the check there.
8feed7f1	2024-02-18T19:26:47	http: forbid chunks size with 0X prefix Co-authored-by: Ben Kallus <49924171+kenballus@users.noreply.github.com>
87cdcc18	2024-02-18T15:24:58	http: change error for corrupted requests to 400 Bad Request Previously it was 413 Request Entity Too Large, which was odd.
f1632e59	2024-02-18T15:24:33	http: check first byte of the chunk for 0x as well
e60d039d	2024-02-18T15:02:59	tests: add a test for malformed chunks v2: fix test for win32 (and it more correct in general)
92ea8476	2024-02-18T08:56:46	Forbid 0x/+/-/whitespace prefixes on HTTP chunk sizes (#1542) Currently, libevent's HTTP parser accepts and ignores 0x, +, and whitespace prefixes on chunk sizes. It also ignores - prefixes on chunk sizes of 0. This patch fixes that. There is a potential danger in the current behavior, which is that there exist HTTP implementations that interpret chunk sizes as their longest valid prefix. For those implementations, 0xa (for example) is equivalent to 0, and this may present a request smuggling risk when those implementations are used in conjunction with libevent. However, as far I'm aware, there is no HTTP proxy that both interprets 0xa as 0 and forwards it verbatim, so I think this is a low-risk bug that is acceptable to report in public.
da3c7b50	2024-02-18T12:07:07	Update link to the github package registry usage from github actions Ugh, old link even don't have any redirect, what is a pitty. [skip ci]
7870e85e	2024-01-24T13:19:23	install DESTINATION use CMAKE_INSTALL_<dir>

5fbc00a3

2024-05-23T14:53:13

event_warn mmap format

9e89a407

2024-05-24T05:33:13

Fix Windows format warning in newer Visual Studio

525f5d0a

2024-05-10T20:00:37

ci: Switch `lukka/run-vcpkg` back to v7 Newer versions expect a vcpkg manifest.

ab338ab1

2024-05-20T09:19:28

ci: fix typo in matrix

7a9458c0

2024-05-20T17:17:45

Don't try to set SO_REUSEADDR and SO_REUSEPORT on Unix sockets (#1625)

66ee086b

2024-05-06T23:32:00

Fix conversion loses precision ssize_t to int in evthread_notify_base_default()

7afbdcf2

2024-05-06T23:31:27

Ensure that event had been removed in event_process_active_single_queue() It should not be possible, since only EVLIST_ACTIVE should be triggered from event_process_active_single_queue, but adding assert will not hurt.

8976100a

2024-05-17T17:06:49

unix: fail the operation when SO_REUSEPORT has no load balancing --------- Signed-off-by: Andy Pan <i@andypan.me>

832f5269

2024-05-17T16:54:22

aix: enable SO_REUSEPORT on AIX AIX 7.2.5 added the feature that would add the capability to distribute incoming connections across all listening ports. https://www.ibm.com/support/pages/how-get-better-listening-performance-multiple-listening-sockets-using-same-port-number-soreuseport --------- Signed-off-by: Andy Pan <i@andypan.me>

a41453ab

2024-05-09T17:34:15

Eliminate the redundant ev_uint64_t for eventfd --------- Signed-off-by: Andy Pan <i@andypan.me>

fc9bfd21

2024-05-07T22:15:40

Merge pull request #1649 from azat/be/BSD-connect-failures Fix tests failures due to incorrect handling of ECONNREFUSED on BSD

6d125f54

2024-05-06T15:28:48

Fix evbuffer_file_segment_new 64-bit support on Win32 (#1637) This fixes the problematic #define fstat _fstat which would only support files up to 2 GB. Also refactored it as evutil_fd_filesize to avoid exposing stat when not necessary.

af31823f

2024-05-05T16:43:23

Fix potential Null pointer dereference in bufferevent_openssl.c

3f7c1cba

2024-05-05T21:03:21

be: add a comment for handling ECONNREFUSED in bufferevent_readcb() Fixes: 3189eb000b6d8751223061930a019f85c284f985 ("be_sock: handle readv() returns ECONNREFUSED (freebsd 9.2)")

85a0ec9b

2024-05-06T08:50:36

be: make the code in bufferevent_socket_connect() more reliable There is one icky in case for windows: if (sa) { #ifdef _WIN32 if (bufferevent_async_can_connect_(bev)) { bufferevent_setfd(bev, fd); r = bufferevent_async_connect_(bev, fd, sa, socklen); if (r < 0) goto freesock; bufev_p->connecting = 1; result = 0; goto done; - } else + } else { #endif r = evutil_socket_connect_(&fd, sa, socklen); if (r < 0) // Previosly this line was executed // regardless of bufferevent_async_can_connect_(), but the case under // bufferevent_async_can_connect_() always does goto, so it is 100% the // same code, but just to make it more cleaner goto freesock; +#ifdef _WIN32 + } +#endif }

3201009b

2024-05-06T08:38:53

Revert "Remove dead code from bufferevent_socket_connect" That wasn't the dead code, since the `r` could be `2` in case of `ECONNREFUSED`, and it should trigger errorcb not the writecb. This is actually questionable should be call errorcb at all in case of connect() returns an error immediately, but I guess the reason was to make it compatible with others, ECONNREFUSED can be returned only for specific cases and only on BSD (AFAIK). While for instance EHOSTUNREACH is not. And after this change now all tests are passed on FreeBSD. Well, sometimes few tests fails due to timing issues, but in general looks good. Since even all tests in parallel passed: $ rm -f /tmp/libevent*log; bin/regress --list-tests | awk '/^ / { print $1 }' | xargs -I{} -P100 bash -c 'n={}; bin/regress --no-fork --verbose $n |& tee /tmp/libevent-test-${n//\//_}.log' |& grep -F ' [FAILED' |& tee /tmp/libevent-tests.log And having green CI is crucial for libevent, not only because it is a rule of thumb for all projects, but also because in case of failures it will retry on and on, which will cause CI stuck. Fixes: bufferevent/bufferevent_connect_fail Fixes: bufferevent/bufferevent_connect_fail_eventcb Fixes: bufferevent/bufferevent_connect_fail_eventcb_defer This reverts commit 56e121310954cbee2310c5eb2a3000115186563d. Refs: https://github.com/libevent/libevent/pull/1100

c6a74ee0

2024-05-06T09:13:15

Merge branch 'test/fixes' -- more small fixes * test/fixes: test: mark http/timeout_read_server as retriable test: reset some static vars to avoid affecting other tests test: fix printing number of retries for FAILED message test: add debugging for bufferevent/bufferevent_connect_fail_eventcb* test: suppress logging for buffer/add_file_leak1

0f51ba66

2024-05-06T09:10:15

test: mark http/timeout_read_server as retriable

ba97d947

2024-05-05T21:35:46

test: reset some static vars to avoid affecting other tests

479b5ed6

2024-05-05T21:30:01

test: fix printing number of retries for FAILED message

d538f41f

2024-05-05T21:12:14

test: add debugging for bufferevent/bufferevent_connect_fail_eventcb*

2d4d1747

2024-05-05T22:15:56

test: suppress logging for buffer/add_file_leak1 Warnings from this test should be ignored: [warn] evbuffer_file_segment_materialize: mmap(5, 0, 0) failed: Invalid argument

6bb41ed0

2024-05-05T20:22:43

Merge branch 'test/fix-reports' * test/fix-reports: test: add proper message in case of test failure test: fix RETRYING message (add missing group prefix)

93a76aa2

2024-05-05T20:20:27

test: add proper message in case of test failure Right now it is impossible to understand what had been failed, but after: $ regress thread/conditions_simple thread/conditions_simple: [forking] FAIL /src/le/libevent/test/regress_thread.c:385: assert(n_signal == 0): 1 vs 0 [RETRYING thread/conditions_simple (attempts left 2, delay 1 sec)] thread/conditions_simple: [forking] FAIL /src/le/libevent/test/regress_thread.c:385: assert(n_signal == 0): 1 vs 0 [RETRYING thread/conditions_simple (attempts left 1, delay 1 sec)] thread/conditions_simple: [forking] FAIL /src/le/libevent/test/regress_thread.c:385: assert(n_signal == 0): 1 vs 0 [RETRYING thread/conditions_simple (attempts left 0, delay 1 sec)] thread/conditions_simple: [forking] FAIL /src/le/libevent/test/regress_thread.c:385: assert(n_signal == 0): 1 vs 0 [conditions_simple FAILED] [FAILED thread/conditions_simple (attempts made -1)] 1/1 TESTS FAILED. (0 skipped)

d5745413

2024-05-05T20:15:22

test: fix RETRYING message (add missing group prefix) Before: $ regress thread/conditions_simple thread/conditions_simple: [forking] FAIL /src/le/libevent/test/regress_thread.c:385: assert(n_signal == 0): 1 vs 0 [RETRYING conditions_simple (attempts left 2, delay 1 sec)] After: $ regress thread/conditions_simple thread/conditions_simple: [forking] FAIL /src/le/libevent/test/regress_thread.c:385: assert(n_signal == 0): 1 vs 0 [RETRYING thread/conditions_simple (attempts left 2, delay 1 sec)]

5d45f4d9

2024-05-04T18:25:17

Simplifying apple-cmake-job

ccf4c74d

2024-05-04T12:40:36

Add ChangeLog-2.1/ChangeLog (aka 2.2) into dist package

d241fcab

2024-05-04T20:33:18

Add Privacy Manifest for App Store submissions Doc: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api From the API list, the libevent library only uses: - mach_absolute_time, but that one is avoided with HAVE_POSIX_MONOTONIC (default) instead of HAVE_MACH_MONOTONIC - fstat and stat in evbuffer_file_segment_new, which is covered by third-party SDK usage (0A2A.1) - fstat and stat in evutil_read_file_, which is used to read the "/etc/resolv.conf" and "/etc/hosts" files, for which there are no available supporting reasons

7ede5af6

2024-05-04T18:04:14

Updating deprecated GitHub actions (#1629) * Updating deprecated GitHub actions * code review: use commit hash for actions

ac96656c

2024-05-01T14:33:53

Bump github/codeql-action in the github-actions group Bumps the github-actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action). Updates `github/codeql-action` from 3.24.10 to 3.25.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/4355270be187e1b672a7a1c7c7bae5afdc1ab94a...d39d31e687223d841ef683f52467bd88e9b21c14) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>

534da76d

2024-05-04T12:48:57

Merge pull request #1641 from Coeur/coeur/apple-cmake-job Adding apple-cmake-job for an iOS/tvOS/visionOS/watchOS build

f516e399

2024-05-04T17:42:26

Fix brew path on Apple Silicon (#1633) * Fix brew path on Apple Silicon * code review: `brew --prefix openssl` * code review: correct mbedtls path * code review: cmake does support autodetection of OPENSSL_ROOT_DIR

3c744cee

2024-05-01T14:55:29

fix linux retrying cmake

0428771a

2024-05-01T23:17:54

Remove redundant condition in function:event_base_once

71108830

2024-05-02T13:16:04

using xcode-version: latest-stable for xros support

b7fb04e8

2024-05-02T12:57:55

Adding apple-cmake-job for an iOS/tvOS/watchOS build

eec47a67

2024-04-30T15:59:58

Fix typos (#1634)

64decd48

2024-04-29T13:51:22

Fix potential Null pointer dereference in dns-example.c (#1601)

a584efaa

2024-04-22T14:47:34

Fix potential Null pointer dereference in time-test.c

aef201a9

2024-04-29T13:35:33

Change ident for EVFILT_USER to 0 and add a test (#1582) Conventionally, ident for EVFILT_USER is set to 0 to avoid collision of file descriptors, which is what other renowned networking frameworks like netty(java), mio(rust), gnet(go), swift-nio(swift), etc. do currently. Co-authored-by: Azat Khuzhin <azat@libevent.org>

cbbf209c

2024-04-29T13:31:34

Support SO_REUSEPORT on FreeBSD, DragonFly and Solaris (#1624) ## References - [The SO_REUSEPORT socket option on Linux](https://lwn.net/Articles/542629/) - [DragonFly Release 3.6](https://www.dragonflybsd.org/release36/) - [FreeBSD 12.0-RELEASE Release Notes](https://www.freebsd.org/releases/12.0R/relnotes/) - [SO_REUSEPORT on Solaris 11.4](https://docs.oracle.com/cd/E88353_01/html/E37843/setsockopt-3c.html) Co-authored-by: Azat Khuzhin <azat@libevent.org>

a9426941

2024-04-28T13:16:54

Fix CMake Deprecation Warning

73c0349e

2024-04-29T13:16:58

Fix evutil_parse_sockaddr_port documentation (#1628) In some IDE like Xcode, the list is interpreted as markdown instead of plain text

71d41cdf

2024-04-22T06:39:35

build: Add `Iphlpapi` to `Libs.private` in `*.pc` files on Windows It has been required since https://github.com/libevent/libevent/pull/923 at least for the `if_nametoindex` call.

1e6c0e72

2024-04-12T21:36:38

Do not set TCP keepalive on Unix sockets This commit disables the property of TCP keepalive on Unix domain sockets, because they essentially serve no purpose here, except for causing problems on Windows and macOS systems. Fixes #1615

147298a2

2024-04-24T11:14:47

Fix some comments Signed-off-by: dockercui <dockercui@aliyun.com>

6074d558

2024-04-17T10:36:47

Avoid calling read(2) on eventfd on each event-loop wakeup Register the eventfd with EPOLLET to enable edge-triggered notification where we don't need to read the data from the eventfd for every wakeup event. When the eventfd counter reaches the maximum value of the unsigned 64-bit, we rewind the counter and retry again. This optimization saves one system call on each event-loop wakeup, which eliminates the extra latency for epoll as the EVFILT_USER filter does for the kqueue.

e0a4574b

2024-04-15T07:41:48

Bump the github-actions group with 5 updates Bumps the github-actions group with 5 updates: | Package | From | To | | --- | --- | --- | | [actions/cache](https://github.com/actions/cache) | `3` | `4` | | [nick-fields/retry](https://github.com/nick-fields/retry) | `2` | `3` | | [coverallsapp/github-action](https://github.com/coverallsapp/github-action) | `1.2.5` | `2.2.3` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.1.2` | `2.3.1` | | [github/codeql-action](https://github.com/github/codeql-action) | `2.2.4` | `3.24.10` | Updates `actions/cache` from 3 to 4 - [Release notes](https://github.com/actions/cache/releases) - [Commits](https://github.com/actions/cache/compare/v3...v4) Updates `nick-fields/retry` from 2 to 3 - [Release notes](https://github.com/nick-fields/retry/releases) - [Changelog](https://github.com/nick-fields/retry/blob/master/.releaserc.js) - [Commits](https://github.com/nick-fields/retry/compare/v2...v3) Updates `coverallsapp/github-action` from 1.2.5 to 2.2.3 - [Release notes](https://github.com/coverallsapp/github-action/releases) - [Upgrade guide](https://github.com/coverallsapp/github-action/blob/main/UPGRADE.md) - [Commits](https://github.com/coverallsapp/github-action/compare/09b709cf6a16e30b0808ba050c7a6e8a5ef13f8d...3dfc5567390f6fa9267c0ee9c251e4c8c3f18949) Updates `ossf/scorecard-action` from 2.1.2 to 2.3.1 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/e38b1902ae4f44df626f11ba0734b14fb91f8f86...0864cf19026789058feabb7e87baa5f140aac736) Updates `github/codeql-action` from 2.2.4 to 3.24.10 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/17573ee1cc1b9d061760f3a006fc4aac4f944fd5...4355270be187e1b672a7a1c7c7bae5afdc1ab94a) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: nick-fields/retry dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: coverallsapp/github-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>

80e25c02

2024-04-09T11:57:42

Enable dependabot for github actions

a4ec4cbe

2024-04-09T11:55:37

Hashpin workflows that use sensitive permisisons

9de85b58

2024-04-05T20:42:37

fix WSOptions enum value and extended payload length bug

6e390911

2024-04-10T17:42:01

Fix potential Null pointer dereference in regress_buffer.c

74217832

2024-04-10T15:47:57

Fix potential Null pointer dereference in regress.c

d6e88352

2024-04-10T17:45:03

Fix potential Null pointer dereference in regress_et.c

d45dca43

2024-04-10T17:39:36

Fix potential Null pointer dereference in regress_thread.c

2bdf1737

2024-04-10T16:18:27

Fix potential Null pointer dereference in regress_finalize.c

17796a2d

2024-04-10T15:32:54

Fix potential Null pointer dereference in regress_http.c

f9526e13

2024-04-10T15:16:21

Fix potential NULL pointer dereference in regress_bufferevent.c

fc48803d

2024-04-15T15:02:27

Fix potential Null pointer dereference in regress_zlib.c (#1597) Co-authored-by: Azat Khuzhin <a3at.mail@gmail.com>

c6e8f175

2024-04-07T19:37:55

Edit logo path to match new website directory

39073df8

2024-03-30T21:44:50

evutil: don't call memset before memcpy In `evutil_parse_sockaddr_port`, it would `memset` the `out` to zero, however, the `memset` is unnecessary before `memcpy`, and may cause undefined behavior if the `outlen` is invalid. This should close #1573.

4fd07f0e

2024-03-12T21:56:35

Upgrade vmactions to use linux runners (#1570) Co-authored-by: neil <neilgit@neilpang.com>

539f73e3

2024-02-20T09:30:22

Fix leak in evbuffer_add_file() on empty files Found by oss-fuzz, after coverage had been improved in google/oss-fuzz#11257 v2: adjust test v3: fix for windows (_get_osfhandle() crashes when called on closed fd) v4: fix for EVENT__DISABLE_MM_REPLACEMENT

b9e1fe74

2024-03-11T21:00:18

ci: disable netbsd and freebsd due to lack of runners For example for openbsd-cmake-job (7.2, NONE) This request was automatically failed because there were no enabled runners online to process the request for more than 1 days. And maybe this will fix the macos builds.

0054b9aa

2024-03-11T17:12:14

Enable the full TCP KeepAlive mechanism on Windows (#1568) #1532 implemented the full support of TCP Keep-Alives on UNIX-like OS's while leaving a `TODO` for Windows. This PR intends to resolve that `TODO`. ## References - [SIO_KEEPALIVE_VALS Control Code](https://learn.microsoft.com/en-us/windows/win32/winsock/sio-keepalive-vals) - [IPPROTO_TCP socket options](https://learn.microsoft.com/en-us/windows/win32/winsock/ipproto-tcp-socket-options) - [TCP_KEEPINVTL and TCP_KEEPIDLE - Socket Keep Alives not working](https://cygwin.com/pipermail/cygwin/2020-June/245436.html) - [Cygwin: tcp: Support TCP_KEEPIDLE, TCP_KEEPCNT, TCP_KEEPINTVL](https://sourceware.org/pipermail/cygwin-cvs/2020q3/014473.html) - [Add cross-platform support for keep-alive socket options](https://github.com/dotnet/corefx/pull/29963/files)

9c8860ec

2024-03-11T15:50:43

chore: remove repetitive words Signed-off-by: tgolang <seekseat@aliyun.com>

e66df92c

2024-03-07T16:19:11

Accept SOCK_NONBLOCK/SOCK_CLOEXEC in type argument of socketpair (#1567) Setting `SOCK_NONBLOCK` and `SOCK_CLOEXEC` in the `type` argument of `socketpair()` is widely supported across UNIX-like OS: Linux, *BSD, Solaris, etc., as is the `socket()`. This will conserve several extra system calls, we should use it where available. ### References - [socketpair(2) on Linux](https://man7.org/linux/man-pages/man2/socketpair.2.html#HISTORY) - [socketpair(2) on FreeBSD](https://man.freebsd.org/cgi/man.cgi?query=socketpair&sektion=2#DESCRIPTION) - [socketpair(2) on DragonFly](https://man.dragonflybsd.org/?command=socketpair&section=2) - [socketpair(2) on NetBSD](https://man.netbsd.org/socketpair.2#DESCRIPTION) - [socketpair(2) on OpenBSD](https://man.openbsd.org/socketpair.2) - [socketpair(3C) on Solaris](https://docs.oracle.com/cd/E88353_01/html/E37843/socketpair-3c.html) Changelog: - Set SOCK_NONBLOCK and SOCK_CLOEXEC in the type argument of socketpair - Avoid EPROTOTYPE on macOS and OpenBSD - Eliminate the warnings about unused variables - Add some comments

f2b3ce6b

2024-03-03T23:10:48

Merge pull request #1558 from azat/ratelimit-fixes Fix few issues found by oss-fuzz in bufferevent ratelimits

e4b87327

2024-02-20T08:58:04

Fix integer-overflow in ev_token_bucket_cfg_new Found by oss-fuzz, after coverage had been improved in https://github.com/google/oss-fuzz/pull/11257 v2: better check (found by CI for windows)

15e643d0

2024-03-03T14:49:34

Fix pread detection for cmake builds Otherwise it will use lseek()+read() - suboptimal

92109747

2024-03-02T10:45:49

Simplify TCP_KEEPALIVE_ABORT_THRESHOLD settings on Solaris

c4fb0f76

2024-02-20T08:58:04

Fix divide-by-zero in ev_token_bucket_get_tick_ Found by oss-fuzz, after coverage had been improved in https://github.com/google/oss-fuzz/pull/11257

ec8d7a5a

2024-02-20T08:54:14

ci: fix ABI check (#1510)

7eddd526

2024-02-20T07:56:24

Patch abi-compliance-checker to avoid endless loop

798547ac

2024-02-20T07:51:37

Force abi-check to use DWARF 3

e4869625

2024-02-20T08:01:23

Fix abi_check.sh by excluding .abi-check from cp cp: cannot copy a directory, './.abi-check', into itself, '/le/src/.abi-check/work/abi-check/src/libevent/current/.abi-check'

5bdfab76

2024-02-18T21:36:30

Debug abi check

f37c667c

2024-02-18T20:28:49

Add ABI check without deploy for PRs

551df0b2

2023-09-03T08:15:07

ci: try to fix ABI check by using newer version of ubuntu Looks like after upgrading ubuntu from 18.04 (that has 1.9 version of lvc abi tools) to 20.04 (that has 1.11) the abi-check started to timeout (works longer then 6 hours, while usually few minutes, and sometimes even faster was enough). Unlikely upgrading ubuntu will help, since 22.04 and 20.04 has the same version, but still, let's try. Refs: #1463

0dbd3eb3

2024-02-18T16:06:28

tests: add test for EV_SIGNAL with timeout Refs: https://github.com/libevent/libevent-book/issues/12

5cec3417

2024-02-19T08:21:11

Make Infer static analyzer happy (#1554)

ed35b30f

2023-10-23T16:52:19

Fix two compiler errors for unused variable and undefined function In buffer.c a variable "flags" and a label "done" are defined but never used if "EVENT__HAVEMMAP" is not defined. The code does not work on platforms which do not provide the function `socketpair()`. Introduce EVENT__HAVE_SOCKETPAIR flag which determines if `socketpair()` or `evutil_ersatz_socketpair()` is used.

95ed33e3

2024-02-18T22:08:54

Follow up for HTTP chunk size check (#1552)

f9939490

2024-02-18T21:19:41

Fix leak in evconnlistener_new_async() Fixes: https://github.com/libevent/libevent/issues/414

317911a1

2024-02-18T20:39:12

Fix util/monotonic_prc_fallback under FreeBSD Looks like there was garbage, since evutil_configure_monotonic_time_() does not reset evutil_monotonic_timer structure, while in case of fallback it uses two fields from it: - last_time - adjust_monotonic_clock Fixes: https://github.com/libevent/libevent/issues/1495

3cf996f0

2024-02-18T19:53:58

evutil: add a comment why no NULL check in evutil_inet_pton_scope()

5412b2c3

2024-02-18T19:40:00

bufferevent_ssl: fix freeing ctx in case of error in bufferevent_ssl_new_impl

c9793baa

2024-02-18T19:39:50

bufferevent_ssl: proper NULL checks

6e4ea6c3

2024-02-18T19:31:12

evthread: fix NULL dereference in evthread_setup_global_lock_()

2f27523e

2024-02-18T18:22:21

bufferevent_ssl: do not return NULL from upcast /src/le/libevent/bufferevent_ssl.c:863: error: Null Dereference pointer `bev_ssl` last assigned on line 855 could be null and is dereferenced at line 863, column 6. 861. r2 = start_writing(bev_ssl); 862. 863. if (bev_ssl->underlying) { ^ 864. if (events & EV_READ) 865. BEV_RESET_GENERIC_READ_TIMEOUT(bev);

53034936

2024-02-18T18:16:38

bufferevent_filter: do not allow upcast() to return NULL (fixes infer warning) /src/le/libevent/bufferevent_filter.c:234: error: Null Dereference pointer `bevf` last assigned on line 231 could be null and is dereferenced at line 234, column 6. 232. EVUTIL_ASSERT(bevf); 233. 234. if (bevf->bev.options & BEV_OPT_CLOSE_ON_FREE) { ^ 235. /* Yes, there is also a decref in bufferevent_decref_. 236. * That decref corresponds to the incref when we set

d9b5fe31

2024-02-18T18:03:38

evrpc: proper NULL checks (API function return value added) Note, that in order to do this evrpc_hook_add_meta() should have return value, so this is a minor ABI change, which should not affect C ABI, but still worth to mention. Anyway this will be done in 2.2 release and unlikely RPC subsystem is popular.

05ed7c8c

2024-02-18T18:00:57

bufferevent_pair: fix infer warnings due to upcast() return NULL The only user that is care about this is bufferevent_pair_get_partner(), so let's move the check there.

8feed7f1

2024-02-18T19:26:47

http: forbid chunks size with 0X prefix Co-authored-by: Ben Kallus <49924171+kenballus@users.noreply.github.com>

87cdcc18

2024-02-18T15:24:58

http: change error for corrupted requests to 400 Bad Request Previously it was 413 Request Entity Too Large, which was odd.

f1632e59

2024-02-18T15:24:33

http: check first byte of the chunk for 0x as well

e60d039d

2024-02-18T15:02:59

tests: add a test for malformed chunks v2: fix test for win32 (and it more correct in general)

92ea8476

2024-02-18T08:56:46

Forbid 0x/+/-/whitespace prefixes on HTTP chunk sizes (#1542) Currently, libevent's HTTP parser accepts and ignores 0x, +, and whitespace prefixes on chunk sizes. It also ignores - prefixes on chunk sizes of 0. This patch fixes that. There is a potential danger in the current behavior, which is that there exist HTTP implementations that interpret chunk sizes as their longest valid prefix. For those implementations, 0xa (for example) is equivalent to 0, and this may present a request smuggling risk when those implementations are used in conjunction with libevent. However, as far I'm aware, there is no HTTP proxy that both interprets 0xa as 0 and forwards it verbatim, so I think this is a low-risk bug that is acceptable to report in public.

da3c7b50

2024-02-18T12:07:07

Update link to the github package registry usage from github actions Ugh, old link even don't have any redirect, what is a pitty. [skip ci]

7870e85e

2024-01-24T13:19:23

install DESTINATION use CMAKE_INSTALL_<dir>

kc3-lang/libevent

Log