spelling fixes; from paul tagliamonte
ok nicm

Fixed endless loop/ OOB write on 64 bit systems with large buffers.

If a buffer exceeds UINT_MAX (which is only possible on 64 bit systems)
an endless loop or OOB write can occur in buffer-specific

Fixed endless loop/ OOB write on 64 bit systems with large buffers.

If a buffer exceeds UINT_MAX (which is only possible on 64 bit systems)
an endless loop or OOB write can occur in buffer-specific readline
functions.

Switching variables in function scope to size_t solves these issue because
relevant fields in struct buffer are already size_t.

ok cheloha, deraadt, nicm, tedu

show more ...

Use recallocarray() to avoid leaving detritus in memory when resizing
the string buffer.
ok jsing millert

Remove NULL pointer checks before calls to free().
OK bluhm@ nicm@

Include stdint.h, not limits.h to get SIZE_MAX. OK guenther@

Fix CVE-2014-6272 in Libevent 1.4 from upstream:
- https://github.com/libevent/libevent/commit/7b21c4eabf1f3946d3f63cce1319c490caab8ecf
- For this fix, we need to make sure that passing too-large inp

Fix CVE-2014-6272 in Libevent 1.4 from upstream:
- https://github.com/libevent/libevent/commit/7b21c4eabf1f3946d3f63cce1319c490caab8ecf
- For this fix, we need to make sure that passing too-large inputs to
the evbuffer functions can't make us do bad things with the heap.
On top of that do:
- Update libevent version to 1.4.15-stable.
- Use SIZE_MAX from limits.h instead of a private define.
- Do not declare 'size_t need' twice to avoid a compiler warning.
OK sthen

show more ...

libraries shouldnt print to stderr when things dont go their way.

switch fprintf(stderr) over to event_warn() on malloc failure. fix
up an errant newline in an existing event_warn while there.

orig

libraries shouldnt print to stderr when things dont go their way.

switch fprintf(stderr) over to event_warn() on malloc failure. fix
up an errant newline in an existing event_warn while there.

originally i just wanted to delete the fprintf
diff from nicm@ who is away from a keyboard right now so cant commit
guenther@ agrees with the idea

show more ...

Fix whitespace errors in libevent.
OK nicm@

After removing all the #ifdef, the wrappers in evutil are rather
useless. Let libevent call the libc functions directly.
OK nicm@

Remove some #ifdef from libevent.
OK nicm@

Remove the remaining #ifdef HAVE_ and the #define _GNU_SOURCE.
OK nicm@

Remove #ifdef HAVE_.*_H, just include the header files.
Do not include sys/param.h.
OK nicm@

Remove #ifdef HAVE_CONFIG_H, there is no config.h file.
OK nicm@

iRemove the #ifdef WIN32 implementation from libevent.
OK nicm@

add missing header needed by event_warn()

ok nicm@

Update to 1.4.14b.

From their change log:
o Fix memory-leak of signal handler array with kqueue. [backport]
o Make evutil_make_socket_nonblocking() leave any other flags alone.
o Adjusted fcntl()

Update to 1.4.14b.

From their change log:
o Fix memory-leak of signal handler array with kqueue. [backport]
o Make evutil_make_socket_nonblocking() leave any other flags alone.
o Adjusted fcntl() retval comparison on evutil_make_socket_nonblocking().
o Re-add event_siglcb; some old code _was_ still using it. :(
o Fix a free(NULL) in min_heap.h
o Clean up properly when adding a signal handler fails.

Also a local change to use an int rather than a long for fcntl().

ok guenther deraadt

show more ...

Update libevent to 1.4.13.

This is the core library only, the DNS parts are removed and it does not
include the other extra bits (HTTP, DNS, and RPC), a separate port for
these will appear in due co

Update libevent to 1.4.13.

This is the core library only, the DNS parts are removed and it does not
include the other extra bits (HTTP, DNS, and RPC), a separate port for
these will appear in due course.

Thanks to jsg, sthen, alek, gilles, jacekm, bernd and any others I've
forgotten for testing/comments.

Note that /usr/include/evdns.h should be removed after updating.

ok deraadt

show more ...

In evbuffer_readline, do not lose data upon malloc failure. From mainstream:
http://levent.svn.sourceforge.net/viewvc/levent?view=rev&revision=1436
ok gilles@

Update to libevent 1.3e while retaining our local changes.

"No objection" millert@
"the diff looks and works fine" reyk@

Update to libevent-1.3b while retaining our local changes. beck@ OK

Two libevent fixes from the SVN repo:
allow gotsig to terminate active event loop and evbuffer_find fix.
OK brad@ pyr@

'tranfer' -> 'transfer' in comments.

fix a potential problem in multiple handling of va_list; use va_copy instead.

From Niels Provos via the libevent SVN, by Alejo.

ok deraadt@

- limit the amount of data bufferevents are going to consume to something
reasonable; in some circumstances it could happen that libevent happily
allocated 100MB in read buffers without telling t

- limit the amount of data bufferevents are going to consume to something
reasonable; in some circumstances it could happen that libevent happily
allocated 100MB in read buffers without telling the user; found by
christopher maxwell - parts of these changes are from his patch.

- allow setting an event base for bufferevents; from phil oleson

- improved manpage from Phil Oleson

From libevent CVS

show more ...

another fix from art.

From libevent CVS