When connecting to a non-existent HTTPS service, the "req" is not null
but the "evhttp_request_get_response_code(req)" is zero.
Closes: #822 (cherry-picked)
(cherry picked from commit 891dd1880fed8c5e1e98f122daeb1ae8414f6b1c)
On 64 bit systems with a lot of memory it is possible to overflow the
counter s->n (unsigned int) which keeps track of the amount of elements
within the heap.
On 32 bit systems with tightly packed memory layout (and adding the
same pointer again and again) an integer overflow could occur if "a"
reaches 2^30 because the multiplication with sizeof *p (4) would
overflow, effectively freeing memory of s->p which eventually leads to
a double free.
No sign of issue for any sane setup and therefore a purely defensive
measurement.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Refs: #799 (first version of the patch for backporting to 2.1.x only)
See-also: 181049739478d57500bd564539f17407437bfe8f ("Revert "Protect min_heap_push_ against integer overflow."")
(cherry picked from commit stoeckmann/libevent@47d348a631)
This patch breaks the ABI compatibility, due to min_heap_idx expansion
[1]
And since major distros did not updated to 2.1.10 yet, this patch will
be reverted:
- debian: https://packages.debian.org/search?keywords=libevent-dev
- ubuntu: https://packages.ubuntu.com/search?keywords=libevent-dev
- fedora: https://apps.fedoraproject.org/packages/libevent-devel
Also there is one that upgraded already:
- archlinux: https://www.archlinux.org/packages/?q=libevent
But archlinux is for developers, so it should be fine I guess.
[1]: https://abi-laboratory.pro/index.php?view=objects_report&l=libevent&v1=2.1.9&v2=2.1.10
- struct event_base
Change: Size of this type has been changed from 672 bytes to 664 bytes.
Effect: The fields or parameters of such data type may be incorrectly initialized or accessed by old client applications.
abi-compliance-checker diff with 2.1.9 before this patch:
Binary compatibility: 69.2%
Source compatibility: 100%
Total binary compatibility problems: 1, warnings: 1
Total source compatibility problems: 0, warnings: 0
after:
Binary compatibility: 100%
Source compatibility: 100%
Total binary compatibility problems: 0, warnings: 0
Total source compatibility problems: 0, warnings: 0
This reverts commit 0b46bb8cc9c0337b5fa0186d9cb031ff4f4ceb9a
* evbuffer-fixes-806-v2:
evbuffer: fix last_with_datap after prepend with empty chain
test: regression for evbuffer_expand_fast_() with invalid last_with_datap
test: cover adjusting of last_with_datap in evbuffer_prepend()
Fixes: #806
(cherry picked from commit 3b1864b625ec37c3051512845982f347f4cc5621)
* issue-807-accept4-getnameinfo-AF_UNIX:
http-server: add usage/help dialog
http: avoid use of uninitialized value for AF_UNIX/AF_LOCAL sockaddr
http-server: add ability to bind to unix-socket
build: struct sockaddr_un detection (sys/un.h, afunix.h)
Fixes: #807
(cherry picked from commit 76eded24d3b0c3fc48c5a888906cc9043223101b)
As ploxiln pointed out in pull request 811 the check "newsize < 0"
is undefined behaviour (signed int overflow).
Follow the advice and check kqop->changes_size instead.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Closes: #813 (cherry-picked)
(cherry picked from commit 2707a4ffabe539999f37a0364f7b0ef44a90589a)
On amd64 systems with kqueue (e.g. *BSD systems) an integer overflow
could be triggered with an excessively huge amount of events.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
(cherry picked from commit cf8acae36a580935c42228f3d30f3e96c8a3ef59)
* official/pr/804:
Added test for evmap slot validations.
Prevent endless loop in evmap_make_space.
Enforce limit of NSIG signals.
(cherry picked from commit c6becb26cad8dab2668fe3d913e5ee757bade2fd)
Converting unsigned to size_t for size of memory objects allows
proper handling of very large heaps on 64 bit systems.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Closes: #799 (cherry-picked)
(cherry picked from commit 176fd5665512db95b1cf38fc647a7c706d80c14d)
To avoid possible confusion
But there is still one test that has some messages on windows:
main/methods
Because this test needs >1 of avaiable methods, otherwise it will warn.
(cherry picked from commit 47d348a63130c91f2a6aadef291ff5687275df72)
Otherwise build errors will be ignored, i.e. if build fails but regress
binary exists (copied from artifacts) it will be runned instead of newly
compiled.
(cherry picked from commit 93a925474d22b94e5ad75a48656033e55efe9055)
There is one more report that is false positive, see [1]:
"In bufferevent_openssl.c, pointer wm is dereferenced on line 871
before it is null checked on line 873."
[1]: https://github.com/libevent/libevent/issues/382#issuecomment-238081938
* fix-uchex-warnings:
evdns: do not check server_req twice
evrpc: do not check req twice
Fixes: #382
(cherry picked from commit da33f768e451f1b5722b7426e03c87e260ee43d0)
- DNS_OPTION_NAMESERVERS_NO_DEFAULT
Do not "default" nameserver (i.e. "127.0.0.1:53") if there is no nameservers
in resolv.conf, (iff DNS_OPTION_NAMESERVERS is set)
- EVDNS_BASE_NAMESERVERS_NO_DEFAULT
If EVDNS_BASE_INITIALIZE_NAMESERVERS isset, do not add default
nameserver if there are no nameservers in resolv.conf (just set
DNS_OPTION_NAMESERVERS_NO_DEFAULT internally)
Fixes: #569
(cherry picked from commit e5b8f4c1925867d8e4cd7dc0390e5141d7ef1106)
Due to regress linked with event and event_core (both of them includes
evthread.c) there will be two different evthread_id_fn_ variables under
mingw64:
evthread_id_fn_: &0x5294f20a8
evthread_id_fn_: &0x4ba0030a8
And because of this evthread_use_pthreads() can/will set one copy of
variables while evthread*() functions will access another, which will
break a lot of things (for example main/del_notify test).
Fixes: #792
(cherry picked from commit 2ae875ed1216a8896d8af0414cb4efbcb907bae5)
Under mingw64:
../signal.c:88:0: warning: "__cdecl" redefined
#define __cdecl
<built-in>: note: this is the location of the previous definition
https://ci.appveyor.com/project/azat/libevent/builds/23321613#L427
(cherry picked from commit b8e2f01690c07f7b6eb29d097b30c1640fc9612e)
By some reason gcc reports next error:
../http.c:3330:11: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
value = "";
Only under -Wwrite-strings, well this is logical, but this information
does not reflected in any documentation.
Follow-up: 8348b413 ("cmake: add various warning flags like autotools has")
f
(cherry picked from commit 42d5a36bd8076c137545759d34500401627a649b)
* evbuffer-empty-chain-handling:
buffer: do not rely on ->off in advance_last_with_data()
buffer: fix evbuffer_remove_buffer() with empty chain in front
test: verify content of the buffer in evbuffer/remove_buffer_with_empty*
(cherry picked from commit b69524c004fb68bcd9475e7aa61f5a7cdb45d304)
Although `_GNU_SOURCE` can be defined as an arbitrary #define per the
glibc docs [1], it's best to define it in a manner consistent with the way
that autoconf defines it, i.e., `1`.
While this shouldn't matter in most cases, it does when the headers from
other projects follow the poorly defined GNU convention implemented by
autoconf and are included after the libevent's util.h header. An example
failure with clang, similar to the failure I encountered, is as follows:
```
$ printf "#define _GNU_SOURCE\n#define _GNU_SOURCE 1" | clang -c -x c -
<stdin>:2:9: warning: '_GNU_SOURCE' macro redefined [-Wmacro-redefined]
^
<stdin>:1:9: note: previous definition is here
^
1 warning generated.
```
This happened when compiling python [2] with a stale homebrew util.h file from
libevent (which admittedly would not happen in a correct libevent install, as the
header should be installed under /usr/local/include/event2/util.h). However, if
both headers had been combined (which is more likely), it would have failed as
shown above.
Removing the ad hoc definition unbreaks compiling python's pyconfig.h.in header
when included after util.h from libevent.
1. http://www.gnu.org/software/libc/manual/html_node/Feature-Test-Macros.html
2. https://github.com/python/cpython/blob/master/configure.ac#L126Closes: #773 (cherry-picked)
Signed-off-by: Enji Cooper <yaneurabeya@gmail.com>
(cherry picked from commit 5f87be42f0ae0126938624a1419a572607078217)
Since the migration request has been hanged for a while, let's switch it
for now without beauty API URL.
Fixes: #555
(cherry picked from commit 2fccb967c52e9f5373494df2773c684dee5ef973)
After we started to use kill() over raise() everything should work just
fine.
This reverts commit a86f89d333d870e6714bd28c695ba1774df3d7f5.
Fixed-in: 728c5dc1 ("Use kill() over raise() for raising the signal (fixes osx 10.14 with kqueue)")
Fixes: #747
(cherry picked from commit 14eb903ba31987d24357abd05923677d194fedae)
