kmx git

Commit	Date	Message
7652cf40	2023-05-14T16:53:13	ssl: do not triger EOF if some data had been successfully read Previously in case when evbuffer_reserve_space() returns > 1, but it was able to read only 1 IO vector, it will try to read the next one, got 0 (EOF for mbedTLS or SSL_ERROR_ZERO_RETURN for OpenSSL) and will trigger EOF, while instead, it should trigger EV_READ w/o EOF and only after EOF.
6375dcb4	2023-05-14T16:45:14	ssl: rename err_is_ok to handshake_is_ok (internal API)
d06e573c	2023-05-05T15:13:05	style fix: use tab for indent
bdb343e1	2023-05-04T09:49:28	ci: use newer actions/x versions for master jobs Now that the jobs are running again, a number of deprecation warnings have surfaced https://github.com/libevent/libevent/actions/runs/4876367881: ```bash Node.js 12 actions are deprecated. Please update the following actions to use Node.js 16: actions/checkout@v2.0.0. ``` Looks like the most straightforward thing todo here is just use the newer version of the checkout action. Also move to the v1 tag for the coveralls job, rather than a pinned, much older version (the latest release is 1.2.5, https://github.com/coverallsapp/github-action/releases). Same again for actions/cache.
21173669	2023-05-04T09:38:56	ci: use OpenBSD 7.2 over 7.1 In the most recent CI run, all the OpenBSD CI jobs failed, i.e https://github.com/libevent/libevent/actions/runs/4876367885/jobs/8699759831, this seems to be due to the fact that packages for 7.1 have been removed from https://cdn.openbsd.org/pub/OpenBSD/ (only has 7.2 & 7.3): ```bash Config file: openbsd-7.1.conf https://cdn.openbsd.org/pub/OpenBSD/7.1/packages/amd64/: no such dir Can't find rsync-3.2.3p0 Couldn't install rsync-3.2.3p0 exec shell: bash run.sh showDebugInfo ``` Switch to using 7.2, which is available, so that the CI will run.
60ad22d4	2023-05-03T16:28:58	actions: use supported version of Ubuntu It looks like these jobs are failing to run, because support for ubuntu-18.04 has been removed entirely, see: https://github.com/actions/runner-images/issues/6002. Migrate to ubuntu-20.04.
75208132	2023-04-21T04:33:22	doc: minor cleanups following #1441 (#1442) Also fixes 1 broken link (apologies).
612a74c7	2023-04-17T21:19:58	Merge pull request #1441 from fanquake/autoconf_doc_updates doc: minor autoconf/formatting improvements
ac69410e	2023-04-17T14:28:43	doc: mark Autotools as deprecated in building.md Re-arrange so CMake is mentioned first. Formatting improvements.
2470b37b	2023-04-17T14:22:30	doc: move autoconf link in readme to autoconf section.
4c993a0e	2023-04-11T04:44:37	Fix typo in changelog (#1438)
f747a7b9	2023-04-04T22:19:07	Prohibit VLA in autotools too
f04d90b1	2023-04-04T22:15:35	Fix building with -Wstack-protector due to VLA and fobid them It is not a thankless task to fix such issues on and on, let's just prohibit this cases, and our build with -Werror on CI will show new issues from now on. Fixes: #1434
1878232b	2023-02-13T15:57:55	build: split kqueue warning message into cross-compile and apple This is output when compiling (natively) on macOS systems, which is confusing, because no cross-compilation is involved. Split the message into separate cases.
fc568ff0	2023-03-17T19:53:50	Deal with partial writes on SSL write SSL write may do partial writes in some cases. For example, document of mbedtls_ssl_write says: If the return value is non-negative but less than length, the function must be called again with updated arguments: buf + ret, len - ret (if ret is the return value) until it returns a value equal to the last 'len' argument. In case of partial writes, we should continue writing the same chain of buffer, not the next chain.
9203d98f	2023-03-27T04:35:00	http: style fix: use space between arguments list (#1435)
6e1826dd	2023-03-08T21:34:37	ci: fix typo in yaml for cifuzz Follow-up for: #1431
606056d6	2023-03-06T21:22:10	ci: switch to ubuntu 20.04 github action reports "internal error" for builds on ubuntu 18.04: linux-cmake-job (ubuntu-18.04, COMPILER_CLANG) This is a scheduled Ubuntu-18.04 brownout. The Ubuntu-18.04 environment is deprecated and will be removed on April 1st, 2023. For more details, see https://github.com/actions/runner-images/issues/6002 linux-cmake-job (ubuntu-18.04, COMPILER_CLANG) GitHub Actions has encountered an internal error when running your job.
99a4b1a7	2023-03-06T14:26:11	ci: set minimal permissions on GitHub Actions Change made by setting top-level read-only permisisons, and any other necessary permissions set as job-level. Closes #1421 Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
6bfa5805	2023-03-05T23:59:21	http: Reduce times of checking if response has body (#1395) Use a variable 'need_body' to store the result of evhttp_response_needs_body(), then use the variable instead of call the function again.
185e2f00	2023-03-05T23:58:22	build: improve mbedtls searching on macOS with brew for cmake (#1419) This just copies the same logic used to find OpenSSL on macOS using homebrew, for finding mbedtls via brew. Without it, the build will fail out the box with a brew installed mbedtls.
4e6375e8	2023-03-05T16:56:56	Always have evutil_secure_rng_add_bytes available (#1427) When libevent doesn't provide random the arc4 function, but they come from libc, there is no need to call this function, so make it do nothing. Fixes: #1393
3a0cf34b	2023-03-04T22:29:09	ws-chat-server: fix potential resource leak
bac9d10a	2023-03-05T05:13:54	Fix potential null dereference in http-server (#1430) Co-authored-by: Azat Khuzhin <a3at.mail@gmail.com>
fa05966d	2023-03-05T05:12:04	test: fix potential null dereference in https_bind_ssl_bevcb (#1428) Co-authored-by: Azat Khuzhin <a3at.mail@gmail.com>
557990ca	2023-03-02T12:41:11	Optimize arc4random_uniform() (by syncing with OpenBSD implementation) 1. In d4de062, in Feb 2010, libevent adopted OpenBSD implementation of arc4random_uniform. 2. In https://github.com/openbsd/src/commit/728918cba93e0418bea2a73c9784f6b80c2a9dbd, in Jun 2012, OpenBSD improved their implementation to be faster, by changing arc4random_uniform() to calculate ``2**32 % upper_bound'' as ``-upper_bound % upper_bound''. Alternatively we can simply remove arc4random_uniform() since it is not used by libevent anyway, but let's just sync the header for now.
e96e98ae	2023-03-02T13:43:54	evdns: fix "Branch condition evaluates to a garbage value" in reply_parse
3bcc92cf	2023-03-02T13:59:32	Fix the value is never actually read from 'argument' in evhttp_parse_query_impl() Although the value stored to 'argument' is used in the enclosing expression, the value is never actually read from 'argument'
b84fee24	2023-03-02T14:07:44	Fix "Value stored to 'a' is never read" in SHA1Transform() Using same fix as used in android [1]. [1]: android.googlesource.com/platform/dalvik/+/android-4.4.2_r2/libdex/sha1.cpp#193
bcefdbc6	2023-02-14T09:56:03	Merge pull request #1418 from fanquake/use_fortify_source_3 build: use FORTIFY_SOURCE=3 in hardening option
e89ddd40	2023-02-13T16:06:29	build: use FORTIFY_SOURCE=3 in autotools build
38cd76f0	2023-02-13T16:05:58	build: use FORTIFY_SOURCE=3 in CMake build
28c28f07	2023-02-13T08:09:21	Merge pull request #1414 from azat/build/deprecate-autotools Deprecate autotools build
1df2a5a6	2023-02-12T17:05:20	test: enable allocator_may_return_null=1 for calloc with ENOMEM test
207ea62b	2023-02-12T16:46:40	test: handle -v as --verbose for regress
0ea20582	2023-02-12T21:39:04	test: add del_wait/del_notify tests for windows Test manually, since CI is too slow
c437b84a	2023-02-12T15:24:06	Remove extra builds for autotools on CI We have almost the same matrix for cmake and autotools, but autotools is considered to be deprecated from now on, plus our CI takes too much time, especially non-linux, since we are using public infrastucture. So let's remove extra builds.
f7e39d2e	2023-02-12T16:29:45	ci: bump cache and checkout plugins
b5a6940d	2023-02-12T16:11:02	ci: fix paths-ignore
7e6d9b0b	2023-02-12T15:20:30	.github/workflows/build.yml: remove trailing whitespaces
866b751b	2023-02-12T15:19:51	Deprecate autotools build
765fb410	2023-02-12T16:19:35	Fix compilation on non recent windows SDKs (#1399) In commit f8bb9d8 the header stringapiset.h was included, very likely because the user who made the change saw that the funciton WideCharToMultiByte is "declared" in there. That header tho is a recent addition to the windows headers added in the last years in an attempt from microsoft to split the windows.h header in multiple files, so the inclusion fails when the library is not built with the latest visual studio using the latest windows 10 sdk. That inclusion can be safely removed as in any case the function WideCharToMultiByte was already included by the windows.h header that is included few lines below.
61de8a07	2023-02-12T15:47:16	test: fix leaks in bufferevent_pair_release_lock (#1413)
a82b77bb	2023-02-12T09:56:54	Remove suppression for test_ok under TSan There is no such tests yet.
b5a5fbb8	2023-02-12T08:50:05	Merge branch 'tests-fixes' * tests-fixes: Add more ignore rules test: fix debug locks in case new lock gots old address test: suppress logs from the tests that produce them under normal circumstances test: fix TT_* flags values Suppress data race for test_ok variable Suppress data race for event_debug_created_threadable_ctx_ variable
b99106f3	2023-02-12T08:36:16	Add more ignore rules - for clangd - and compile_commands.json for it
c257e16f	2023-02-12T08:34:52	test: fix debug locks in case new lock gots old address Refs: #1407
fb900a28	2023-02-12T08:12:20	test: suppress logs from the tests that produce them under normal circumstances
1201bb85	2023-02-12T07:59:17	test: fix TT_* flags values
f0cb4b7f	2023-02-12T07:58:55	Suppress data race for test_ok variable
39be38ff	2023-02-12T07:58:29	Suppress data race for event_debug_created_threadable_ctx_ variable
f9134df7	2023-02-04T15:00:48	Add LEV_OPT_BIND_IPV4_AND_IPV6 flag (#1400) Libevent introduced the LEV_OPT_BIND_IPV6ONLY to pass to evconnlistener_new_bind to make it automatically set the underlying socket as accepting ipv6 requests. This works fine on posix compliant platforms as by the standard every new AF_INET6 socket is created as both supporting ipv6 and ipv4 connections. But on windows the default is the opposite, with the flag IPV6_V6ONLY being always enabled by default. This makes creating a listener to supports both protocols a bit more tricky as winsock doesn't allow changing this flag after evconnlistener_new_bind does all the initial setup because as stated in the docs, you can't change it after the sonnect connected, so one would have to manually create the socket beforehand and set the flag and then call evconnlistener_new with the socket itself. It would be nice to have libevent keep a consistent behaviour across the platforms in this scenario, maybe or by making it always set IPV6_V6ONLY to false unless LEV_OPT_BIND_IPV6ONLY is passed, in which case it's set to true, or add another flag to forcefully set it to false and keep the system dependent behaviour as default. So this patch add new option for libevent listeners to bind to both - LEV_OPT_BIND_IPV4_AND_IPV6
a5b0ded3	2023-02-04T14:56:53	Add config for vim/nvim
4d85d28a	2023-01-28T13:28:52	Fix pthread detection for regress tests on Android Fixes: #1403
35375101	2023-01-27T08:57:33	Fixes some new warnings under clang-15 - -Wdeprecated-non-prototype /src/le/libevent/strlcpy.c:48:1: warning: a function definition without a prototype is deprecated in all versions of C and is not supported in C2x [-Wdeprecated-non-prototype] event_strlcpy_(dst, src, siz) - -Wstrict-prototypes /src/le/libevent/evthread.c:82:70: warning: a function declaration without a prototype is deprecated in all versions of C [-Wstrict-prototypes] struct evthread_condition_callbacks *evthread_get_condition_callbacks() - -Wunused-but-set-variable /src/le/libevent/test/regress_buffer.c:130:6: warning: variable 'n' set but not used [-Wunused-but-set-variable] int n = 0; ^
3d138bda	2023-01-27T08:51:56	Allow evdns_base_new to succeed with no nameservers configured (#1389) * evdns-no-ns: Allow evdns_base_new to succeed with no nameservers configured Replace magic numbers with consts for evdns_base_resolv_conf_parse() errors
ebd7e8d7	2023-01-27T08:44:41	Allow evdns_base_new to succeed with no nameservers configured If resolv.conf has no nameservers, evdns_base_new can still succeed with the default of using the name server from localhost matching the man page documentation for resolv.conf.
a7fffb5c	2023-01-17T23:02:56	Replace magic numbers with consts for evdns_base_resolv_conf_parse() errors
c01cb1d6	2023-01-10T11:20:24	Fix ignoring return value of arc4random() warning (with _FORTIFY_SOURCE defined) arc4random() defines with __wur (warn-unused-return) macro in glibc, but the problem pops up only for gentoo, since only it really define __wur to __attribute__ ((__warn_unused_result__)), because it defines _FORTIFY_SOURCE unconditionally [1]. [1]: https://gitweb.gentoo.org/proj/gcc-patches.git/tree/9.4.0/gentoo/01_all_default-fortify-source.patch?id=7f7f80a650607c3090ae0790b8daef88434da681 And hence you get this error: ```sh docker run -v $PWD:/src:ro --rm --name le -w /src -it gentoo/stage3 bash -c 'mkdir /build && cd /build && /src/configure --enable-gcc-warnings=yes --disable-samples && make -j && echo OK' /src/evutil_rand.c: In function 'evutil_secure_rng_init': /src/evutil_rand.c:56:16: error: ignoring return value of 'arc4random' declared with attribute 'warn_unused_result' [-Werror=unused-result] 56 \| (void) arc4random(); \| ^~~~~~~~~~~~ cc1: all warnings being treated as errors make[1]: * [Makefile:2056: evutil_rand.lo] Error 1 make[1]: * Waiting for unfinished jobs.... make[1]: Leaving directory '/build' make: *** [Makefile:1523: all] Error 2 ``` Also it seems that GCC works as expected here [2], and will not change the behavior. [2]: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425
94cc08fd	2023-01-15T20:56:56	Add CTestCostData.txt to gitignore
0b79a002	2023-01-02T17:06:48	buffer: use pread() for evbuffer_file_segment_materialize() If pread(2) is available, prefer it over double lseek(2) and read(2) in evbuffer_file_segment_materialize(). Signed-off-by: Dmitry Antipov <dantipov@cloudlinux.com>
1fe626c4	2022-12-16T00:34:25	Allow CLI override of CMAKE_DEBUG_POSTFIX (#1391) Allows cmake -DCMAKE_BUILD_TYPE=DEBUG -DCMAKE_DEBUG_POSTFIX= for a debug build with the regular library names.
d8ecb88f	2022-11-26T19:40:02	ci: add CIFuzz Github action (#1382) Signed-off-by: David Korczynski <david@adalogics.com> Co-authored-by: Azat Khuzhin <a3at.mail@gmail.com>
dfbb004a	2022-11-20T23:11:00	Fix script for updating contributors
82af0ea4	2022-11-20T22:18:37	cmake: remove redundant _GNU_SOURCE definition As reported by @francoisk: `_GNU_SOURCE` is defined in the private config header but also on the compiler command-line for every object. Fixes: #1333
097af7b7	2022-11-20T21:52:49	Merge branch 'release-2.2-changelog-prepare' * release-2.2-changelog-prepare: Changelog skeleton Start new changelog for 2.2
d179ae92	2022-11-20T21:52:12	Changelog skeleton
f40642ee	2022-11-13T22:09:12	Start new changelog for 2.2
e28b3bef	2022-11-20T21:50:40	Merge branch 'release-scripts' * release-scripts: Add a script to generate changelog Add a script to add new contributors Rellocate some text in CONTRIBUTORS.md
acd4cc63	2022-11-13T21:53:17	Add a script to generate changelog
7c8b3e99	2022-11-13T21:44:10	Add a script to add new contributors
d130d9f9	2022-11-13T21:32:44	Rellocate some text in CONTRIBUTORS.md
650d8619	2022-11-20T14:51:36	cmake: do influence CMAKE_DEBUG_POSTFIX of the outer project (if any) Consider the following example: $ touch lib.c $ cat > CMakeLists.txt <<EOL add_subdirectory(/src/le/libevent libevent EXCLUDE_FROM_ALL) add_library(lib lib.c) EOL $ mkdir .cmake $ cmake -DCMAKE_BUILD_TYPE=debug -G Ninja .. $ ninja $ ls *.a liblibd.a So now outer project also has "d" prefix for libraries. Let's avoid this by setting non-cached variable. Fixes: #1371
ed079c9f	2022-11-16T22:06:06	Add ws-chat-server to gitignore (#1376)
7a18af8c	2022-11-15T12:38:41	Exclude arc4random_buf implementation if it's already present in the platform (#1375) This patch excludes definition of arc4random_buf on systems where it is already present. When the symbol is found, the macro EVENT__HAVE_ARC4RANDOM_BUF is set via CMake's configure_file(..). Co-authored-by: Azat Khuzhin <a3at.mail@gmail.com>
cdeb3242	2022-11-13T14:05:43	Various documentation improvements (#842) * doc-pull: doc: add build prerequisites doc: add MSVC and GNUC options Fixes: #843
3d82675e	2019-06-22T00:03:36	doc: add build prerequisites [ci skip]
a3973a5a	2019-06-19T22:27:39	doc: add MSVC and GNUC options
8800b17a	2022-11-01T14:26:11	evdns: integrate deferred_response_callback into evdns_request the allocation of the struct deferred_reply_callback can fail. If that happens a program waiting for a callback never gets a callback. The program would asume that it either gets an error or a callback when e.g. calling evdns_base_resolve_ipv6. I did an analysis of the evdns.c code and concluded that struct evdns_request would live until the callback is executed. Based on that conclusion I removed the struct deferred_reply_callback and moved the neccessary fields for data which should be copied from struct request into struct evdns_request. The fields evdns_callback_type user_callback and void *user_pointer are moved into struct evdns_request as it is a more natural place for them to live than struct request.
45c66e48	2022-11-13T20:39:17	Add CI checks for OpenBSD (#1326) Initially 6.9 and 7.1 had been added, however due to some issues (you can read about them below) 6.9 had been disabled. netbsd 6.9 does not have correct library namings for autotools: 2022-08-17T04:59:58.8339420Z libtool: link: (cd ".libs" && rm -f "libevent.so.1.0" && ln -s "libevent-2.2.so.1.0" "libevent.so.1.0") $ grep ^library_names= libevent.la· library_names='libevent-2.2.so.1.0 libevent.so.1.0' # And this is wrong, it should be: libtool: link: (cd ".libs" && rm -f "libevent-2.2.so.1" && ln -s "libevent-2.2.so.1.0.0" "libevent-2.2.so.1") libtool: link: (cd ".libs" && rm -f "libevent.so" && ln -s "libevent-2.2.so.1.0.0" "libevent.so") library_names='libevent-2.2.so.1.0.0 libevent-2.2.so.1 libevent.so' And I think that 7.1 should also fail, however it has system-wide libevent installed with evdns in the libevent.so Also there are some issues with `TEST_EXPORT_SHARED` test, because of libraries naming: 2022-09-13T06:38:29.2150790Z [test-export] test for install tree(in system-wide path) 2022-09-13T06:38:29.2151500Z [test-export] fail: link core and run core expects success but gets failure. 2022-09-13T06:38:29.2063870Z /usr/bin/cc CMakeFiles/test-export.dir/test-export.c.o -o test-export -L/usr/local/lib -Wl,-z,origin,-rpath,/usr/local/lib -levent_core-2.2 -lpthread -Wl,-rpath-link,/usr/X11R6/lib:/usr/local/lib· 2022-09-13T06:38:29.2152190Z ld: error: unable to find library -levent_core-2.2 2022-09-13T06:38:28.3915680Z -- Install configuration: "Release" 2022-09-13T06:38:28.3916700Z -- Up-to-date: /usr/local/lib/libevent_core-2.2.so.1.0.0 2022-09-13T06:38:28.3917110Z -- Up-to-date: /usr/local/lib/libevent_core-2.2.so.1 2022-09-13T06:38:28.3917480Z -- Up-to-date: /usr/local/lib/libevent_core.so # no libevent_core-2.2.so So I have to disable it too. Co-authored-by: Azat Khuzhin <azat@libevent.org>
1af745d0	2022-10-25T11:30:34	signal: new signal handling backend based on signalfd Linux-specific signal handling backend based on signalfd(2) system call, and public function event_base_get_signal_method() to obtain an underlying kernel signal handling mechanism. Signed-off-by: Dmitry Antipov <dantipov@cloudlinux.com>
9e346936	2022-11-12T18:56:25	Ignore unknown pragmas Since new compilers has new checks (like -Wdangling-pointer), and so to avoid extra checks in cmake/autotools, simply suppress if the pragma is unknown.
72a4fe76	2022-11-12T18:59:41	ws-chat-server: fix session name initialization (using of uninitialized data)
c8c730c8	2022-11-12T18:56:03	cmake: tiny cleanup
56d380b9	2022-11-12T18:45:13	ws: ignore case while comparing values of Upgrade/Connection headers Cc: @widgetii Fixes: #1373
8482e227	2022-11-12T18:44:44	ws-chat-server: avoid SIGSEGV in case of evws_new_session() failure
dda05f45	2022-11-12T18:11:08	sample/ws-chat.html: allow to open it via file:// protocol
2dfad6c3	2022-11-12T18:06:09	Suppress -Wdangling-pointer in event_signal_closure() gcc 12 complains: [34/46] Building C object CMakeFiles/event_static.dir/event.c.o /src/le/libevent/event.c: In function ‘event_signal_closure’: /src/le/libevent/event.c:1384:32: warning: storing the address of local variable ‘ncalls’ in ‘*ev.ev_.ev_signal.ev_pncalls’ [-Wdangling-pointer=] 1384 \| ev->ev_pncalls = &ncalls; \| ~~~~~~~~~~~~~~~^~~~~~~~~ /src/le/libevent/event.c:1378:15: note: ‘ncalls’ declared here 1378 \| short ncalls; \| ^~~~~~ /src/le/libevent/event.c:1378:15: note: ‘ev’ declared here
e1d7d3e4	2022-11-12T17:56:51	sha1: ignore -Wstringop-overread warning Fixes the following: [4/38] Building C object CMakeFiles/event_shared.dir/sha1.c.o In function ‘SHA1Update’, inlined from ‘SHA1Final’ at /src/le/libevent/sha1.c:274:5, inlined from ‘builtin_SHA1’ at /src/le/libevent/sha1.c:292:5: /src/le/libevent/sha1.c:228:13: warning: ‘SHA1Transform’ reading 64 bytes from a region of size 7 [-Wstringop-overread] 228 \| SHA1Transform(context->state, (const unsigned char ()[64])&data[i]); \| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /src/le/libevent/sha1.c:228:13: note: referencing argument 2 of type ‘const unsigned char[64]’ /src/le/libevent/sha1.c: In function ‘builtin_SHA1’: /src/le/libevent/sha1.c:80:13: note: in a call to function ‘SHA1Transform’ 80 \| static void SHA1Transform(uint32_t state[5], const unsigned char buffer[64]) { \| ^~~~~~~~~~~~~
23a01aa2	2022-11-12T16:41:55	sha1: hide SHA1_CTX
ef8f8caa	2022-11-04T23:52:01	Fix syntax error (#1369)
ff99f67a	2022-11-04T01:59:17	fixed missing check for null after strdup in evutil_inet_pton_scope (#1366)
3ec3b469	2022-10-23T13:47:23	ws: fix compile error on centos 7 - very old compiler (#1359) * http: fix typo * ws: fix comile error On CentOS: CC ws.lo ws.c: In function 'get_ws_frame': ws.c:244:3: error: 'for' loop initial declarations are only allowed in C99 mode for (int i = 0; i < payload_len; i++) { ^ ws.c:244:3: note: use option -std=c99 or -std=gnu99 to compile your code
f04a70f0	2022-10-22T22:23:52	Fix data-race in ws code (#1360) @widgetii: " ================================================================= ==985==ERROR: AddressSanitizer: heap-use-after-free on address 0xb24323e5 at pc 0xb6a06f1c bp 0x9fffc694 sp 0x9fffc260 WRITE of size 2 at 0xb24323e5 thread T22 #0 0xb6a06f1b in __interceptor_memcpy.part.43 (/usr/lib/libasan.so.5+0x41f1b) 0xb24323e5 is located 229 bytes inside of 512-byte region [0xb2432300,0xb2432500) freed by thread T0 (app) here: #0 0xb6a849df in free (/usr/lib/libasan.so.5+0xbf9df) #1 0xb64b6e07 in evbuffer_drain (/usr/lib/libevent_core-2.2.so.1+0x9e07) previously allocated by thread T22 here: #0 0xb6a84d17 in __interceptor_malloc (/usr/lib/libasan.so.5+0xbfd17) #1 0xb64b3d1b (/usr/lib/libevent_core-2.2.so.1+0x6d1b) #2 0x61223 in onIceCandidateHandler /home/dima/git/app/src/webrtc/local.c:116 #3 0x19296f in onNewIceLocalCandidate /home/dima/git/webrtc-c/src/source/PeerConnection/PeerConnection.c:471 " * upstream/pr/1360: Remove bad copy-paste Add locks for server WS, fixes #1357
e8f5a61d	2022-10-12T22:15:21	Remove bad copy-paste
c2ecb4ac	2022-10-12T14:13:44	Add locks for server WS, fixes #1357
8f47d8de	2022-10-03T09:31:10	cmake: Fix Android build. Android/Bionic C library needs no special flags to have threading support. Found when trying to build with vcpkg.
285fc7cc	2022-10-08T19:26:24	Use heap-bases contexts for MbedTLS handles (#1355) @widgetii: "Recently after studying [https-client.c code](https://github.com/libevent/libevent/blob/master/sample/https-client.c#L532) I found that I cannot use MbedTLS with `bufferevent_mbedtls_socket_new` same way as for OpenSSL in other than hello-world code. In mentioned sample code, ssl context is created by `SSL_new()` (as heap-based pointer), but for MbedTLS stack value is used. The issue is in different semantics because OpenSSL is responsible for memory allocation and release for its context, but for MbedTLS it turns out user should do the same manually. I expect that in both cases, setting option `BEV_OPT_CLOSE_ON_FREE` will free all linked resources, but in case of MbedTLS I have memory leak after connection is closed. My proposal is: 1. Provide new `mbedtls_ssl_new` helper-function for end-user that do the same job as `SSL_new()` and use it and example in sample: ```c mbedtls_ssl_context mbedtls_ssl_new(const mbedtls_ssl_config conf) { mbedtls_ssl_context ssl = calloc(1, sizeof(ssl)); mbedtls_ssl_init(ssl); mbedtls_ssl_setup(ssl, conf); return ssl; } ``` 2. Add `free(ctx->ssl)` right after https://github.com/libevent/libevent/blob/master/bufferevent_mbedtls.c#L68" Fixes: #1354
aa163a4f	2022-10-04T21:42:30	Fix memleak in regress tests
10ed1f1c	2022-10-04T17:57:01	Change code for samples

7652cf40

2023-05-14T16:53:13

ssl: do not triger EOF if some data had been successfully read Previously in case when evbuffer_reserve_space() returns > 1, but it was able to read only 1 IO vector, it will try to read the next one, got 0 (EOF for mbedTLS or SSL_ERROR_ZERO_RETURN for OpenSSL) and will trigger EOF, while instead, it should trigger EV_READ w/o EOF and only after EOF.

6375dcb4

2023-05-14T16:45:14

ssl: rename err_is_ok to handshake_is_ok (internal API)

d06e573c

2023-05-05T15:13:05

style fix: use tab for indent

bdb343e1

2023-05-04T09:49:28

ci: use newer actions/x versions for master jobs Now that the jobs are running again, a number of deprecation warnings have surfaced https://github.com/libevent/libevent/actions/runs/4876367881: ```bash Node.js 12 actions are deprecated. Please update the following actions to use Node.js 16: actions/checkout@v2.0.0. ``` Looks like the most straightforward thing todo here is just use the newer version of the checkout action. Also move to the v1 tag for the coveralls job, rather than a pinned, much older version (the latest release is 1.2.5, https://github.com/coverallsapp/github-action/releases). Same again for actions/cache.

21173669

2023-05-04T09:38:56

ci: use OpenBSD 7.2 over 7.1 In the most recent CI run, all the OpenBSD CI jobs failed, i.e https://github.com/libevent/libevent/actions/runs/4876367885/jobs/8699759831, this seems to be due to the fact that packages for 7.1 have been removed from https://cdn.openbsd.org/pub/OpenBSD/ (only has 7.2 & 7.3): ```bash Config file: openbsd-7.1.conf https://cdn.openbsd.org/pub/OpenBSD/7.1/packages/amd64/: no such dir Can't find rsync-3.2.3p0 Couldn't install rsync-3.2.3p0 exec shell: bash run.sh showDebugInfo ``` Switch to using 7.2, which is available, so that the CI will run.

60ad22d4

2023-05-03T16:28:58

actions: use supported version of Ubuntu It looks like these jobs are failing to run, because support for ubuntu-18.04 has been removed entirely, see: https://github.com/actions/runner-images/issues/6002. Migrate to ubuntu-20.04.

75208132

2023-04-21T04:33:22

doc: minor cleanups following #1441 (#1442) Also fixes 1 broken link (apologies).

612a74c7

2023-04-17T21:19:58

Merge pull request #1441 from fanquake/autoconf_doc_updates doc: minor autoconf/formatting improvements

ac69410e

2023-04-17T14:28:43

doc: mark Autotools as deprecated in building.md Re-arrange so CMake is mentioned first. Formatting improvements.

2470b37b

2023-04-17T14:22:30

doc: move autoconf link in readme to autoconf section.

4c993a0e

2023-04-11T04:44:37

Fix typo in changelog (#1438)

f747a7b9

2023-04-04T22:19:07

Prohibit VLA in autotools too

f04d90b1

2023-04-04T22:15:35

Fix building with -Wstack-protector due to VLA and fobid them It is not a thankless task to fix such issues on and on, let's just prohibit this cases, and our build with -Werror on CI will show new issues from now on. Fixes: #1434

1878232b

2023-02-13T15:57:55

build: split kqueue warning message into cross-compile and apple This is output when compiling (natively) on macOS systems, which is confusing, because no cross-compilation is involved. Split the message into separate cases.

fc568ff0

2023-03-17T19:53:50

Deal with partial writes on SSL write SSL write may do partial writes in some cases. For example, document of mbedtls_ssl_write says: If the return value is non-negative but less than length, the function must be called again with updated arguments: buf + ret, len - ret (if ret is the return value) until it returns a value equal to the last 'len' argument. In case of partial writes, we should continue writing the same chain of buffer, not the next chain.

9203d98f

2023-03-27T04:35:00

http: style fix: use space between arguments list (#1435)

6e1826dd

2023-03-08T21:34:37

ci: fix typo in yaml for cifuzz Follow-up for: #1431

606056d6

2023-03-06T21:22:10

ci: switch to ubuntu 20.04 github action reports "internal error" for builds on ubuntu 18.04: linux-cmake-job (ubuntu-18.04, COMPILER_CLANG) This is a scheduled Ubuntu-18.04 brownout. The Ubuntu-18.04 environment is deprecated and will be removed on April 1st, 2023. For more details, see https://github.com/actions/runner-images/issues/6002 linux-cmake-job (ubuntu-18.04, COMPILER_CLANG) GitHub Actions has encountered an internal error when running your job.

99a4b1a7

2023-03-06T14:26:11

ci: set minimal permissions on GitHub Actions Change made by setting top-level read-only permisisons, and any other necessary permissions set as job-level. Closes #1421 Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>

6bfa5805

2023-03-05T23:59:21

http: Reduce times of checking if response has body (#1395) Use a variable 'need_body' to store the result of evhttp_response_needs_body(), then use the variable instead of call the function again.

185e2f00

2023-03-05T23:58:22

build: improve mbedtls searching on macOS with brew for cmake (#1419) This just copies the same logic used to find OpenSSL on macOS using homebrew, for finding mbedtls via brew. Without it, the build will fail out the box with a brew installed mbedtls.

4e6375e8

2023-03-05T16:56:56

Always have evutil_secure_rng_add_bytes available (#1427) When libevent doesn't provide random the arc4 function, but they come from libc, there is no need to call this function, so make it do nothing. Fixes: #1393

3a0cf34b

2023-03-04T22:29:09

ws-chat-server: fix potential resource leak

bac9d10a

2023-03-05T05:13:54

Fix potential null dereference in http-server (#1430) Co-authored-by: Azat Khuzhin <a3at.mail@gmail.com>

fa05966d

2023-03-05T05:12:04

test: fix potential null dereference in https_bind_ssl_bevcb (#1428) Co-authored-by: Azat Khuzhin <a3at.mail@gmail.com>

557990ca

2023-03-02T12:41:11

Optimize arc4random_uniform() (by syncing with OpenBSD implementation) 1. In d4de062, in Feb 2010, libevent adopted OpenBSD implementation of arc4random_uniform. 2. In https://github.com/openbsd/src/commit/728918cba93e0418bea2a73c9784f6b80c2a9dbd, in Jun 2012, OpenBSD improved their implementation to be faster, by changing arc4random_uniform() to calculate ``2**32 % upper_bound'' as ``-upper_bound % upper_bound''. Alternatively we can simply remove arc4random_uniform() since it is not used by libevent anyway, but let's just sync the header for now.

e96e98ae

2023-03-02T13:43:54

evdns: fix "Branch condition evaluates to a garbage value" in reply_parse

3bcc92cf

2023-03-02T13:59:32

Fix the value is never actually read from 'argument' in evhttp_parse_query_impl() Although the value stored to 'argument' is used in the enclosing expression, the value is never actually read from 'argument'

b84fee24

2023-03-02T14:07:44

Fix "Value stored to 'a' is never read" in SHA1Transform() Using same fix as used in android [1]. [1]: android.googlesource.com/platform/dalvik/+/android-4.4.2_r2/libdex/sha1.cpp#193

bcefdbc6

2023-02-14T09:56:03

Merge pull request #1418 from fanquake/use_fortify_source_3 build: use FORTIFY_SOURCE=3 in hardening option

e89ddd40

2023-02-13T16:06:29

build: use FORTIFY_SOURCE=3 in autotools build

38cd76f0

2023-02-13T16:05:58

build: use FORTIFY_SOURCE=3 in CMake build

28c28f07

2023-02-13T08:09:21

Merge pull request #1414 from azat/build/deprecate-autotools Deprecate autotools build

1df2a5a6

2023-02-12T17:05:20

test: enable allocator_may_return_null=1 for calloc with ENOMEM test

207ea62b

2023-02-12T16:46:40

test: handle -v as --verbose for regress

0ea20582

2023-02-12T21:39:04

test: add del_wait/del_notify tests for windows Test manually, since CI is too slow

c437b84a

2023-02-12T15:24:06

Remove extra builds for autotools on CI We have almost the same matrix for cmake and autotools, but autotools is considered to be deprecated from now on, plus our CI takes too much time, especially non-linux, since we are using public infrastucture. So let's remove extra builds.

f7e39d2e

2023-02-12T16:29:45

ci: bump cache and checkout plugins

b5a6940d

2023-02-12T16:11:02

ci: fix paths-ignore

7e6d9b0b

2023-02-12T15:20:30

.github/workflows/build.yml: remove trailing whitespaces

866b751b

2023-02-12T15:19:51

Deprecate autotools build

765fb410

2023-02-12T16:19:35

Fix compilation on non recent windows SDKs (#1399) In commit f8bb9d8 the header stringapiset.h was included, very likely because the user who made the change saw that the funciton WideCharToMultiByte is "declared" in there. That header tho is a recent addition to the windows headers added in the last years in an attempt from microsoft to split the windows.h header in multiple files, so the inclusion fails when the library is not built with the latest visual studio using the latest windows 10 sdk. That inclusion can be safely removed as in any case the function WideCharToMultiByte was already included by the windows.h header that is included few lines below.

61de8a07

2023-02-12T15:47:16

test: fix leaks in bufferevent_pair_release_lock (#1413)

a82b77bb

2023-02-12T09:56:54

Remove suppression for test_ok under TSan There is no such tests yet.

b5a5fbb8

2023-02-12T08:50:05

Merge branch 'tests-fixes' * tests-fixes: Add more ignore rules test: fix debug locks in case new lock gots old address test: suppress logs from the tests that produce them under normal circumstances test: fix TT_* flags values Suppress data race for test_ok variable Suppress data race for event_debug_created_threadable_ctx_ variable

b99106f3

2023-02-12T08:36:16

Add more ignore rules - for clangd - and compile_commands.json for it

c257e16f

2023-02-12T08:34:52

test: fix debug locks in case new lock gots old address Refs: #1407

fb900a28

2023-02-12T08:12:20

test: suppress logs from the tests that produce them under normal circumstances

1201bb85

2023-02-12T07:59:17

test: fix TT_* flags values

f0cb4b7f

2023-02-12T07:58:55

Suppress data race for test_ok variable

39be38ff

2023-02-12T07:58:29

Suppress data race for event_debug_created_threadable_ctx_ variable

f9134df7

2023-02-04T15:00:48

Add LEV_OPT_BIND_IPV4_AND_IPV6 flag (#1400) Libevent introduced the LEV_OPT_BIND_IPV6ONLY to pass to evconnlistener_new_bind to make it automatically set the underlying socket as accepting ipv6 requests. This works fine on posix compliant platforms as by the standard every new AF_INET6 socket is created as both supporting ipv6 and ipv4 connections. But on windows the default is the opposite, with the flag IPV6_V6ONLY being always enabled by default. This makes creating a listener to supports both protocols a bit more tricky as winsock doesn't allow changing this flag after evconnlistener_new_bind does all the initial setup because as stated in the docs, you can't change it after the sonnect connected, so one would have to manually create the socket beforehand and set the flag and then call evconnlistener_new with the socket itself. It would be nice to have libevent keep a consistent behaviour across the platforms in this scenario, maybe or by making it always set IPV6_V6ONLY to false unless LEV_OPT_BIND_IPV6ONLY is passed, in which case it's set to true, or add another flag to forcefully set it to false and keep the system dependent behaviour as default. So this patch add new option for libevent listeners to bind to both - LEV_OPT_BIND_IPV4_AND_IPV6

a5b0ded3

2023-02-04T14:56:53

Add config for vim/nvim

4d85d28a

2023-01-28T13:28:52

Fix pthread detection for regress tests on Android Fixes: #1403

35375101

2023-01-27T08:57:33

Fixes some new warnings under clang-15 - -Wdeprecated-non-prototype /src/le/libevent/strlcpy.c:48:1: warning: a function definition without a prototype is deprecated in all versions of C and is not supported in C2x [-Wdeprecated-non-prototype] event_strlcpy_(dst, src, siz) - -Wstrict-prototypes /src/le/libevent/evthread.c:82:70: warning: a function declaration without a prototype is deprecated in all versions of C [-Wstrict-prototypes] struct evthread_condition_callbacks *evthread_get_condition_callbacks() - -Wunused-but-set-variable /src/le/libevent/test/regress_buffer.c:130:6: warning: variable 'n' set but not used [-Wunused-but-set-variable] int n = 0; ^

3d138bda

2023-01-27T08:51:56

Allow evdns_base_new to succeed with no nameservers configured (#1389) * evdns-no-ns: Allow evdns_base_new to succeed with no nameservers configured Replace magic numbers with consts for evdns_base_resolv_conf_parse() errors

ebd7e8d7

2023-01-27T08:44:41

Allow evdns_base_new to succeed with no nameservers configured If resolv.conf has no nameservers, evdns_base_new can still succeed with the default of using the name server from localhost matching the man page documentation for resolv.conf.

a7fffb5c

2023-01-17T23:02:56

Replace magic numbers with consts for evdns_base_resolv_conf_parse() errors

c01cb1d6

2023-01-10T11:20:24

Fix ignoring return value of arc4random() warning (with _FORTIFY_SOURCE defined) arc4random() defines with __wur (warn-unused-return) macro in glibc, but the problem pops up only for gentoo, since only it really define __wur to __attribute__ ((__warn_unused_result__)), because it defines _FORTIFY_SOURCE unconditionally [1]. [1]: https://gitweb.gentoo.org/proj/gcc-patches.git/tree/9.4.0/gentoo/01_all_default-fortify-source.patch?id=7f7f80a650607c3090ae0790b8daef88434da681 And hence you get this error: ```sh docker run -v $PWD:/src:ro --rm --name le -w /src -it gentoo/stage3 bash -c 'mkdir /build && cd /build && /src/configure --enable-gcc-warnings=yes --disable-samples && make -j && echo OK' /src/evutil_rand.c: In function 'evutil_secure_rng_init': /src/evutil_rand.c:56:16: error: ignoring return value of 'arc4random' declared with attribute 'warn_unused_result' [-Werror=unused-result] 56 | (void) arc4random(); | ^~~~~~~~~~~~ cc1: all warnings being treated as errors make[1]: *** [Makefile:2056: evutil_rand.lo] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/build' make: *** [Makefile:1523: all] Error 2 ``` Also it seems that GCC works as expected here [2], and will not change the behavior. [2]: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425

94cc08fd

2023-01-15T20:56:56

Add CTestCostData.txt to gitignore

0b79a002

2023-01-02T17:06:48

buffer: use pread() for evbuffer_file_segment_materialize() If pread(2) is available, prefer it over double lseek(2) and read(2) in evbuffer_file_segment_materialize(). Signed-off-by: Dmitry Antipov <dantipov@cloudlinux.com>

1fe626c4

2022-12-16T00:34:25

Allow CLI override of CMAKE_DEBUG_POSTFIX (#1391) Allows cmake -DCMAKE_BUILD_TYPE=DEBUG -DCMAKE_DEBUG_POSTFIX= for a debug build with the regular library names.

d8ecb88f

2022-11-26T19:40:02

ci: add CIFuzz Github action (#1382) Signed-off-by: David Korczynski <david@adalogics.com> Co-authored-by: Azat Khuzhin <a3at.mail@gmail.com>

dfbb004a

2022-11-20T23:11:00

Fix script for updating contributors

82af0ea4

2022-11-20T22:18:37

cmake: remove redundant _GNU_SOURCE definition As reported by @francoisk: `_GNU_SOURCE` is defined in the private config header but also on the compiler command-line for every object. Fixes: #1333

097af7b7

2022-11-20T21:52:49

Merge branch 'release-2.2-changelog-prepare' * release-2.2-changelog-prepare: Changelog skeleton Start new changelog for 2.2

d179ae92

2022-11-20T21:52:12

Changelog skeleton

f40642ee

2022-11-13T22:09:12

Start new changelog for 2.2

e28b3bef

2022-11-20T21:50:40

Merge branch 'release-scripts' * release-scripts: Add a script to generate changelog Add a script to add new contributors Rellocate some text in CONTRIBUTORS.md

acd4cc63

2022-11-13T21:53:17

Add a script to generate changelog

7c8b3e99

2022-11-13T21:44:10

Add a script to add new contributors

d130d9f9

2022-11-13T21:32:44

Rellocate some text in CONTRIBUTORS.md

650d8619

2022-11-20T14:51:36

cmake: do influence CMAKE_DEBUG_POSTFIX of the outer project (if any) Consider the following example: $ touch lib.c $ cat > CMakeLists.txt <<EOL add_subdirectory(/src/le/libevent libevent EXCLUDE_FROM_ALL) add_library(lib lib.c) EOL $ mkdir .cmake $ cmake -DCMAKE_BUILD_TYPE=debug -G Ninja .. $ ninja $ ls *.a liblibd.a So now outer project also has "d" prefix for libraries. Let's avoid this by setting non-cached variable. Fixes: #1371

ed079c9f

2022-11-16T22:06:06

Add ws-chat-server to gitignore (#1376)

7a18af8c

2022-11-15T12:38:41

Exclude arc4random_buf implementation if it's already present in the platform (#1375) This patch excludes definition of arc4random_buf on systems where it is already present. When the symbol is found, the macro EVENT__HAVE_ARC4RANDOM_BUF is set via CMake's configure_file(..). Co-authored-by: Azat Khuzhin <a3at.mail@gmail.com>

cdeb3242

2022-11-13T14:05:43

Various documentation improvements (#842) * doc-pull: doc: add build prerequisites doc: add MSVC and GNUC options Fixes: #843

3d82675e

2019-06-22T00:03:36

doc: add build prerequisites [ci skip]

a3973a5a

2019-06-19T22:27:39

doc: add MSVC and GNUC options

8800b17a

2022-11-01T14:26:11

evdns: integrate deferred_response_callback into evdns_request the allocation of the struct deferred_reply_callback can fail. If that happens a program waiting for a callback never gets a callback. The program would asume that it either gets an error or a callback when e.g. calling evdns_base_resolve_ipv6. I did an analysis of the evdns.c code and concluded that struct evdns_request would live until the callback is executed. Based on that conclusion I removed the struct deferred_reply_callback and moved the neccessary fields for data which should be copied from struct request into struct evdns_request. The fields evdns_callback_type user_callback and void *user_pointer are moved into struct evdns_request as it is a more natural place for them to live than struct request.

45c66e48

2022-11-13T20:39:17

Add CI checks for OpenBSD (#1326) Initially 6.9 and 7.1 had been added, however due to some issues (you can read about them below) 6.9 had been disabled. netbsd 6.9 does not have correct library namings for autotools: 2022-08-17T04:59:58.8339420Z libtool: link: (cd ".libs" && rm -f "libevent.so.1.0" && ln -s "libevent-2.2.so.1.0" "libevent.so.1.0") $ grep ^library_names= libevent.la· library_names='libevent-2.2.so.1.0 libevent.so.1.0' # And this is wrong, it should be: libtool: link: (cd ".libs" && rm -f "libevent-2.2.so.1" && ln -s "libevent-2.2.so.1.0.0" "libevent-2.2.so.1") libtool: link: (cd ".libs" && rm -f "libevent.so" && ln -s "libevent-2.2.so.1.0.0" "libevent.so") library_names='libevent-2.2.so.1.0.0 libevent-2.2.so.1 libevent.so' **And I think that 7.1 should also fail, however it has system-wide libevent installed with evdns in the libevent.so** Also there are some issues with `TEST_EXPORT_SHARED` test, because of libraries naming: 2022-09-13T06:38:29.2150790Z [test-export] test for install tree(in system-wide path) 2022-09-13T06:38:29.2151500Z [test-export] fail: link core and run core expects success but gets failure. 2022-09-13T06:38:29.2063870Z /usr/bin/cc CMakeFiles/test-export.dir/test-export.c.o -o test-export -L/usr/local/lib -Wl,-z,origin,-rpath,/usr/local/lib -levent_core-2.2 -lpthread -Wl,-rpath-link,/usr/X11R6/lib:/usr/local/lib· 2022-09-13T06:38:29.2152190Z ld: error: unable to find library -levent_core-2.2 2022-09-13T06:38:28.3915680Z -- Install configuration: "Release" 2022-09-13T06:38:28.3916700Z -- Up-to-date: /usr/local/lib/libevent_core-2.2.so.1.0.0 2022-09-13T06:38:28.3917110Z -- Up-to-date: /usr/local/lib/libevent_core-2.2.so.1 2022-09-13T06:38:28.3917480Z -- Up-to-date: /usr/local/lib/libevent_core.so # no libevent_core-2.2.so So I have to disable it too. Co-authored-by: Azat Khuzhin <azat@libevent.org>

1af745d0

2022-10-25T11:30:34

signal: new signal handling backend based on signalfd Linux-specific signal handling backend based on signalfd(2) system call, and public function event_base_get_signal_method() to obtain an underlying kernel signal handling mechanism. Signed-off-by: Dmitry Antipov <dantipov@cloudlinux.com>

9e346936

2022-11-12T18:56:25

Ignore unknown pragmas Since new compilers has new checks (like -Wdangling-pointer), and so to avoid extra checks in cmake/autotools, simply suppress if the pragma is unknown.

72a4fe76

2022-11-12T18:59:41

ws-chat-server: fix session name initialization (using of uninitialized data)

c8c730c8

2022-11-12T18:56:03

cmake: tiny cleanup

56d380b9

2022-11-12T18:45:13

ws: ignore case while comparing values of Upgrade/Connection headers Cc: @widgetii Fixes: #1373

8482e227

2022-11-12T18:44:44

ws-chat-server: avoid SIGSEGV in case of evws_new_session() failure

dda05f45

2022-11-12T18:11:08

sample/ws-chat.html: allow to open it via file:// protocol

2dfad6c3

2022-11-12T18:06:09

Suppress -Wdangling-pointer in event_signal_closure() gcc 12 complains: [34/46] Building C object CMakeFiles/event_static.dir/event.c.o /src/le/libevent/event.c: In function ‘event_signal_closure’: /src/le/libevent/event.c:1384:32: warning: storing the address of local variable ‘ncalls’ in ‘*ev.ev_.ev_signal.ev_pncalls’ [-Wdangling-pointer=] 1384 | ev->ev_pncalls = &ncalls; | ~~~~~~~~~~~~~~~^~~~~~~~~ /src/le/libevent/event.c:1378:15: note: ‘ncalls’ declared here 1378 | short ncalls; | ^~~~~~ /src/le/libevent/event.c:1378:15: note: ‘ev’ declared here

e1d7d3e4

2022-11-12T17:56:51

sha1: ignore -Wstringop-overread warning Fixes the following: [4/38] Building C object CMakeFiles/event_shared.dir/sha1.c.o In function ‘SHA1Update’, inlined from ‘SHA1Final’ at /src/le/libevent/sha1.c:274:5, inlined from ‘builtin_SHA1’ at /src/le/libevent/sha1.c:292:5: /src/le/libevent/sha1.c:228:13: warning: ‘SHA1Transform’ reading 64 bytes from a region of size 7 [-Wstringop-overread] 228 | SHA1Transform(context->state, *(const unsigned char (*)[64])&data[i]); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /src/le/libevent/sha1.c:228:13: note: referencing argument 2 of type ‘const unsigned char[64]’ /src/le/libevent/sha1.c: In function ‘builtin_SHA1’: /src/le/libevent/sha1.c:80:13: note: in a call to function ‘SHA1Transform’ 80 | static void SHA1Transform(uint32_t state[5], const unsigned char buffer[64]) { | ^~~~~~~~~~~~~

23a01aa2

2022-11-12T16:41:55

sha1: hide SHA1_CTX

ef8f8caa

2022-11-04T23:52:01

Fix syntax error (#1369)

ff99f67a

2022-11-04T01:59:17

fixed missing check for null after strdup in evutil_inet_pton_scope (#1366)

3ec3b469

2022-10-23T13:47:23

ws: fix compile error on centos 7 - very old compiler (#1359) * http: fix typo * ws: fix comile error On CentOS: CC ws.lo ws.c: In function 'get_ws_frame': ws.c:244:3: error: 'for' loop initial declarations are only allowed in C99 mode for (int i = 0; i < payload_len; i++) { ^ ws.c:244:3: note: use option -std=c99 or -std=gnu99 to compile your code

f04a70f0

2022-10-22T22:23:52

Fix data-race in ws code (#1360) @widgetii: " ================================================================= ==985==ERROR: AddressSanitizer: heap-use-after-free on address 0xb24323e5 at pc 0xb6a06f1c bp 0x9fffc694 sp 0x9fffc260 WRITE of size 2 at 0xb24323e5 thread T22 #0 0xb6a06f1b in __interceptor_memcpy.part.43 (/usr/lib/libasan.so.5+0x41f1b) 0xb24323e5 is located 229 bytes inside of 512-byte region [0xb2432300,0xb2432500) freed by thread T0 (app) here: #0 0xb6a849df in free (/usr/lib/libasan.so.5+0xbf9df) #1 0xb64b6e07 in evbuffer_drain (/usr/lib/libevent_core-2.2.so.1+0x9e07) previously allocated by thread T22 here: #0 0xb6a84d17 in __interceptor_malloc (/usr/lib/libasan.so.5+0xbfd17) #1 0xb64b3d1b (/usr/lib/libevent_core-2.2.so.1+0x6d1b) #2 0x61223 in onIceCandidateHandler /home/dima/git/app/src/webrtc/local.c:116 #3 0x19296f in onNewIceLocalCandidate /home/dima/git/webrtc-c/src/source/PeerConnection/PeerConnection.c:471 " * upstream/pr/1360: Remove bad copy-paste Add locks for server WS, fixes #1357

e8f5a61d

2022-10-12T22:15:21

Remove bad copy-paste

c2ecb4ac

2022-10-12T14:13:44

Add locks for server WS, fixes #1357

8f47d8de

2022-10-03T09:31:10

cmake: Fix Android build. Android/Bionic C library needs no special flags to have threading support. Found when trying to build with vcpkg.

285fc7cc

2022-10-08T19:26:24

Use heap-bases contexts for MbedTLS handles (#1355) @widgetii: "Recently after studying [https-client.c code](https://github.com/libevent/libevent/blob/master/sample/https-client.c#L532) I found that I cannot use MbedTLS with `bufferevent_mbedtls_socket_new` same way as for OpenSSL in other than hello-world code. In mentioned sample code, ssl context is created by `SSL_new()` (as heap-based pointer), but for MbedTLS stack value is used. The issue is in different semantics because OpenSSL is responsible for memory allocation and release for its context, but for MbedTLS it turns out user should do the same manually. I expect that in both cases, setting option `BEV_OPT_CLOSE_ON_FREE` will free all linked resources, but in case of MbedTLS I have memory leak after connection is closed. My proposal is: 1. Provide new `mbedtls_ssl_new` helper-function for end-user that do the same job as `SSL_new()` and use it and example in sample: ```c mbedtls_ssl_context *mbedtls_ssl_new(const mbedtls_ssl_config *conf) { mbedtls_ssl_context *ssl = calloc(1, sizeof(*ssl)); mbedtls_ssl_init(ssl); mbedtls_ssl_setup(ssl, conf); return ssl; } ``` 2. Add `free(ctx->ssl)` right after https://github.com/libevent/libevent/blob/master/bufferevent_mbedtls.c#L68" Fixes: #1354

aa163a4f

2022-10-04T21:42:30

Fix memleak in regress tests

10ed1f1c

2022-10-04T17:57:01

Change code for samples

kc3-lang/libevent

Log