Skip to content
A public libevent repository. The official repository is at https://github.com/libevent/libevent http://libevent.org
C CMake Python Groff C++ Shell Makefile
#323 Compare This branch is even with nmathewson:master.
Latest commit 96f64a0 @azat azat evdns: name_parse(): fix remote stack overread
@asn-the-goblin-slayer:
  "the name_parse() function in libevent's DNS code is vulnerable to a buffer overread.

   971         if (cp != name_out) {
   972             if (cp + 1 >= end) return -1;
   973             *cp++ = '.';
   974         }
   975         if (cp + label_len >= end) return -1;
   976         memcpy(cp, packet + j, label_len);
   977         cp += label_len;
   978         j += label_len;
   No check is made against length before the memcpy occurs.

   This was found through the Tor bug bounty program and the discovery should be credited to 'Guido Vranken'."

Reproducer for gdb (https://gist.github.com/azat/e4fcf540e9b89ab86d02):
  set $PROT_NONE=0x0
  set $PROT_READ=0x1
  set $PROT_WRITE=0x2
  set $MAP_ANONYMOUS=0x20
  set $MAP_SHARED=0x01
  set $MAP_FIXED=0x10
  set $MAP_32BIT=0x40

  start

  set $length=202
  # overread
  set $length=2
  # allocate with mmap to have a seg fault on page boundary
  set $l=(1<<20)*2
  p mmap(0, $l, $PROT_READ|$PROT_WRITE, $MAP_ANONYMOUS|$MAP_SHARED|$MAP_32BIT, -1, 0)
  set $packet=(char *)$1+$l-$length
  # hack the packet
  set $packet[0]=63
  set $packet[1]='/'

  p malloc(sizeof(int))
  set $idx=(int *)$2
  set $idx[0]=0
  set $name_out_len=202

  p malloc($name_out_len)
  set $name_out=$3

  # have WRITE only mapping to fail on read
  set $end=$1+$l
  p (void *)mmap($end, 1<<12, $PROT_NONE, $MAP_ANONYMOUS|$MAP_SHARED|$MAP_FIXED|$MAP_32BIT, -1, 0)
  set $m=$4

  p name_parse($packet, $length, $idx, $name_out, $name_out_len)
  x/2s (char *)$name_out

Before this patch:
$ gdb -ex 'source gdb' dns-example
$1 = 1073741824
$2 = (void *) 0x633010
$3 = (void *) 0x633030
$4 = (void *) 0x40200000

Program received signal SIGSEGV, Segmentation fault.
__memcpy_sse2_unaligned () at memcpy-sse2-unaligned.S:33

After this patch:
$ gdb -ex 'source gdb' dns-example
$1 = 1073741824
$2 = (void *) 0x633010
$3 = (void *) 0x633030
$4 = (void *) 0x40200000
$5 = -1
0x633030:       "/"
0x633032:       ""
(gdb) p $m
$6 = (void *) 0x40200000
(gdb) p $1
$7 = 1073741824
(gdb) p/x $1
$8 = 0x40000000
(gdb) quit

P.S. plus drop one condition duplicate.

Fixes: #317
Failed to load latest commit information.
WIN32-Code Increment version to 2.1.5-beta
cmake More cmake updates, lot's of missing definitions
compat/sys Fix all identifiers with names beginning with underscore.
include visibility: align it to make it more readable
m4 Merge remote-tracking branch 'origin/patches-2.0'
sample http-connect: make it win32 compilable
test Add missing return statement to del_wait_thread so libevent can build.
.gitignore Ignore more configure stuff (configure.lineno)
.travis.yml travis: add builds without debug mode into matrix
CMakeLists.txt cmake: fix building dns-example under win32 (missing getopt)
ChangeLog Update changelog
ChangeLog-1.4 Try to finalize changelog situation for 2.1.1-alpha
ChangeLog-2.0 Update ChangeLog-2.0
Doxyfile Fix doxygen to use new macro conventions
LICENSE Implement fast/precise monotonic clocks on Windows
Makefile.am Increment version to 2.1.5-beta
Makefile.nmake Revert "The Windows socket type is defined as SOCKET."
README.md Update README.md
appveyor.yml Use autotools for appveyor until cmake is fixed.
arc4random.c Merge remote-tracking branch 'origin/patches-2.0'
autogen.sh Prefer autoreconf -ivf to manual autogen.sh
buffer.c Don't use BSD u_* types.
buffer_iocp.c Have all visible internal function names end with an underscore.
bufferevent-internal.h be: introduce bufferevent_generic_adj_existing_timeouts_()
bufferevent.c be: introduce bufferevent_generic_adj_existing_timeouts_()
bufferevent_async.c be async: avoid double close()
bufferevent_filter.c Call underlying bev ctrl SET_FD on filtered bufferevents
bufferevent_openssl.c be_openssl: don't call do_write() directly from outbuf_cb
bufferevent_pair.c Fix lock leak in be_pair_flush() if flush type is BEV_NORMAL
bufferevent_ratelim.c Pass and return const for bufferevent_get_token_bucket_cfg
bufferevent_sock.c be_sock: bufferevent_socket_connect_hostname(): make it thread-safe
changelist-internal.h Implemented EV_CLOSED event for epoll backend (EPOLLRDHUP).
configure.ac autotools: fix getservbyname() detection
defer-internal.h fix the return value of event_deferred_cb_schedule_
devpoll.c Have all visible internal function names end with an underscore.
epoll.c epoll: introduce PRINT_CHANGES() macro to avoid copy-pasting
epoll_sub.c Merge remote-tracking branch 'origin/patches-2.0'
epolltable-internal.h Split epoll lookup table into a separate header file
evbuffer-internal.h Fix CVE-2014-6272 in Libevent 2.1
evconfig-private.h.cmake Generate a dummy evconfig-private.h so things build properly.
evconfig-private.h.in Clean up lingering _identifiers.
evdns.3 improved nroff mdoc for the man page
evdns.c evdns: name_parse(): fix remote stack overread
event-config.h.cmake cmake: don't define EVENT__NEED_DLLIMPORT always (fixes VS2013 static…
event-internal.h Add a prototype for event_disable_debug_mode()
event.3 Don't use BSD u_* types.
event.c event_reinit: make signals works after fork() without evsig_add()
event_iocp.c Merge remote-tracking branch 'origin/patches-2.0'
event_rpcgen.py Merge remote-tracking branch 'origin/patches-2.0'
event_tagging.c Include <sys/ioctl.h>, <sys/resource.h> and <sys/wait.h> optionally.
evmap-internal.h Have all visible internal function names end with an underscore.
evmap.c Implemented EV_CLOSED event for epoll backend (EPOLLRDHUP).
evport.c Have all visible internal function names end with an underscore.
evrpc-internal.h Add an include to evrpc-internal to fix openbsd compilation warning
evrpc.c Fix even more coverity warnings.
evsignal-internal.h Add a new libevent_global_shutdown() to free all globals before exiting.
evthread-internal.h Fix "function declaration isn’t a prototype"
evthread.c evthread: fix evthread_setup_global_lock_() for debug-lock with a rea…
evthread_pthread.c Clean up lingering _identifiers.
evthread_win32.c Merge remote-tracking branch 'origin/patches-2.0'
evutil.c evutil_parse_sockaddr_port(): fix buffer overflow
evutil_rand.c Merge remote-tracking branch 'origin/patches-2.0'
evutil_time.c Implement new/free for struct evutil_monotonic_timer and export monot…
ht-internal.h ht-internal: don't reset hth_table_length explicitly in name_##HT_CLEAR
http-internal.h Don't use BSD u_* types.
http.c http: avoid epoll_ctl() on already closed fd (triggers by http/chunk_…
iocp-internal.h Have all visible internal function names end with an underscore.
ipv6-internal.h Convert include-guard macro convention to avoid reserved identifiers
kqueue-internal.h Replace pipe-based notification with EVFILT_USER where possible
kqueue.c Assume that ke_udata is an integer type on CloudABI.
libevent.pc.in Change use of AC_CHECK_LIB to AC_SEARCH_LIBS.
libevent_openssl.pc.in Use correct openssl libs and includes in pkgconfig file
libevent_pthreads.pc.in Add pkgconfig files for libevent_{openssl,pthreads}
listener.c Fix potential fd leak in listener_read_cb()
log-internal.h Actually use the log facility for reporting evdns problems.
log.c Actually use the log facility for reporting evdns problems.
make-event-config.sed Generate event-config.h with a single sed script
make_epoll_table.py Implemented EV_CLOSED event for epoll backend (EPOLLRDHUP).
minheap-internal.h Remove an unreachable return statement in minheap-internal.h
mm-internal.h Convert include-guard macro convention to avoid reserved identifiers
poll.c Split out time-related prototypes into time-internal.h
ratelim-internal.h Have all visible internal function names end with an underscore.
select.c Tweak the new evutil_weakrand_() code
signal.c Merge remote-tracking branch 'github/20_win64_compilation' into 21_wi…
strlcpy-internal.h Fix all identifiers with names beginning with underscore.
strlcpy.c Fix all identifiers with names beginning with underscore.
time-internal.h Implement new/free for struct evutil_monotonic_timer and export monot…
util-internal.h util: make @sa const for evutil_socket_connect_()
whatsnew-2.0.txt "buffer" spelling
whatsnew-2.1.txt Add new APIs to whatsnew-2.1
win32select.c Don't use BSD u_* types.

README.md

libevent logo

Appveyor Win32 Build Status Travis Build Status

0. BUILDING AND INSTALLATION (Briefly)

Autoconf

 $ ./configure
 $ make
 $ make verify   # (optional)
 $ sudo make install

Cmake (General)

The following Libevent specific Cmake variables ar as follows (the values being the default).

# Installation directory for executables
EVENT_INSTALL_BIN_DIR:PATH=bin

# Installation directory for CMake files
EVENT_INSTALL_CMAKE_DIR:PATH=lib/cmake/libevent

## Installation directory for header files
EVENT_INSTALL_INCLUDE_DIR:PATH=include

## Installation directory for libraries
EVENT_INSTALL_LIB_DIR:PATH=lib

## Define if libevent should be built with shared libraries instead of archives
EVENT__BUILD_SHARED_LIBRARIES:BOOL=OFF

# Enable running gcov to get a test coverage report (only works with
# GCC/CLang). Make sure to enable -DCMAKE_BUILD_TYPE=Debug as well.
EVENT__COVERAGE:BOOL=OFF

# Defines if libevent should build without the benchmark exectuables
EVENT__DISABLE_BENCHMARK:BOOL=OFF

# Define if libevent should build without support for a debug mode
EVENT__DISABLE_DEBUG_MODE:BOOL=OFF

# Define if libevent should not allow replacing the mm functions
EVENT__DISABLE_MM_REPLACEMENT:BOOL=OFF

# Define if libevent should build without support for OpenSSL encrpytion
EVENT__DISABLE_OPENSSL:BOOL=ON

# Disable the regress tests
EVENT__DISABLE_REGRESS:BOOL=OFF

# Disable sample files
EVENT__DISABLE_SAMPLES:BOOL=OFF

# If tests should be compiled or not
EVENT__DISABLE_TESTS:BOOL=OFF

# Define if libevent should not be compiled with thread support
EVENT__DISABLE_THREAD_SUPPORT:BOOL=OFF

# Enables verbose debugging
EVENT__ENABLE_VERBOSE_DEBUG:BOOL=OFF

# When crosscompiling forces running a test program that verifies that Kqueue
# works with pipes. Note that this requires you to manually run the test program
# on the the cross compilation target to verify that it works. See cmake
# documentation for try_run for more details
EVENT__FORCE_KQUEUE_CHECK:BOOL=OFF

# set EVENT_STAGE_VERSION
EVENT__STAGE_VERSION:STRING=beta

More variables can be found by running cmake -LAH <sourcedir_path>

CMake (Windows)

Install CMake: http://www.cmake.org

 $ md build && cd build
 $ cmake -G "Visual Studio 10" ..   # Or whatever generator you want to use cmake --help for a list.
 $ start libevent.sln

CMake (Unix)

 $ mkdir build && cd build
 $ cmake ..     # Default to Unix Makefiles.
 $ make
 $ make verify  # (optional)

1. BUILDING AND INSTALLATION (In Depth)

Autoconf

To build libevent, type

 $ ./configure && make

(If you got libevent from the git repository, you will first need to run the included "autogen.sh" script in order to generate the configure script.)

You can run the regression tests by running

 $ make verify

Install as root via

 $ make install

Before reporting any problems, please run the regression tests.

To enable the low-level tracing build the library as:

 $ CFLAGS=-DUSE_DEBUG ./configure [...]

Standard configure flags should work. In particular, see:

--disable-shared Only build static libraries --prefix Install all files relative to this directory.

The configure script also supports the following flags:

--enable-gcc-warnings Enable extra compiler checking with GCC. --disable-malloc-replacement Don't let applications replace our memory management functions --disable-openssl Disable support for OpenSSL encryption. --disable-thread-support Don't support multithreaded environments.

CMake (Windows)

(Note that autoconf is currently the most mature and supported build enviroment for libevent; the cmake instructions here are new and experimental, though they should be solid. We hope that cmake will still be supported in future versions of Libevent, and will try to make sure that happens.)

First of all install http://www.cmake.org.

To build libevent using Microsoft Visual studio open the "Visual Studio Command prompt" and type:

$ cd <libevent source dir>
$ mkdir build && cd build
$ cmake -G "Visual Studio 10" ..   # Or whatever generator you want to use cmake --help for a list.
$ start libevent.sln

In the above, the ".." refers to the dir containing the Libevent source code. You can build multiple versions (with different compile time settings) from the same source tree by creating other build directories.

It is highly recommended to build "out of source" when using CMake instead of "in source" like the normal behaviour of autoconf for this reason.

The "NMake Makefiles" CMake generator can be used to build entirely via the command line.

To get a list of settings available for the project you can type:

$ cmake -LH ..

GUI

CMake also provides a GUI that lets you specify the source directory and output (binary) directory that the build should be placed in.

OpenSSL support

To build Libevent with OpenSSL support you will need to have OpenSSL binaries available when building, these can be found here: http://www.openssl.org/related/binaries.html

2. USEFUL LINKS:

For the latest released version of Libevent, see the official website at http://libevent.org/ .

There's a pretty good work-in-progress manual up at http://www.wangafu.net/~nickm/libevent-book/ .

For the latest development versions of Libevent, access our Git repository via

$ git clone https://github.com/libevent/libevent.git

You can browse the git repository online at:

https://github.com/libevent/Libevent

To report bugs, issues, or ask for new features:

Patches: https://github.com/libevent/libevent/pulls

OK, those are not really patches You fork, modify, and hit the "Create Pull Request" button. You can still submit normal git patchs via the mailing list.

Bugs, Features [RFC], and Issus: https://github.com/libevent/libevent/issues

Or you can do it via the mailing list.

There's also a libevent-users mailing list for talking about Libevent use and development:

http://archives.seul.org/libevent/users/

3. ACKNOWLEDGMENTS

The following people have helped with suggestions, ideas, code or fixing bugs:

  • Samy Al Bahra
  • Antony Antony
  • Jacob Appelbaum
  • Arno Bakker
  • Weston Andros Adamson
  • William Ahern
  • Ivan Andropov
  • Sergey Avseyev
  • Avi Bab
  • Joachim Bauch
  • Andrey Belobrov
  • Gilad Benjamini
  • Stas Bekman
  • Denis Bilenko
  • Julien Blache
  • Kevin Bowling
  • Tomash Brechko
  • Kelly Brock
  • Ralph Castain
  • Adrian Chadd
  • Lawnstein Chan
  • Shuo Chen
  • Ka-Hing Cheung
  • Andrew Cox
  • Paul Croome
  • George Danchev
  • Andrew Danforth
  • Ed Day
  • Christopher Davis
  • Mike Davis
  • Frank Denis
  • Antony Dovgal
  • Mihai Draghicioiu
  • Alexander Drozdov
  • Mark Ellzey
  • Shie Erlich
  • Leonid Evdokimov
  • Juan Pablo Fernandez
  • Christophe Fillot
  • Mike Frysinger
  • Remi Gacogne
  • Artem Germanov
  • Alexander von Gernler
  • Diego Giagio
  • Artur Grabowski
  • Diwaker Gupta
  • Kuldeep Gupta
  • Sebastian Hahn
  • Dave Hart
  • Greg Hazel
  • Nicholas Heath
  • Michael Herf
  • Sebastian Hahn
  • Savg He
  • Mark Heily
  • Maxime Henrion
  • Michael Herf
  • Greg Hewgill
  • Andrew Hochhaus
  • Aaron Hopkins
  • Tani Hosokawa
  • Jamie Iles
  • Xiuqiang Jiang
  • Claudio Jeker
  • Evan Jones
  • Marcin Juszkiewicz
  • George Kadianakis
  • Makoto Kato
  • Phua Keat
  • Azat Khuzhin
  • Alexander Klauer
  • Kevin Ko
  • Brian Koehmstedt
  • Marko Kreen
  • Ondřej Kuzník
  • Valery Kyholodov
  • Ross Lagerwall
  • Scott Lamb
  • Christopher Layne
  • Adam Langley
  • Graham Leggett
  • Volker Lendecke
  • Philip Lewis
  • Zhou Li
  • David Libenzi
  • Yan Lin
  • Moshe Litvin
  • Simon Liu
  • Mitchell Livingston
  • Hagne Mahre
  • Lubomir Marinov
  • Abilio Marques
  • Nicolas Martyanoff
  • Abel Mathew
  • Nick Mathewson
  • James Mansion
  • Nicholas Marriott
  • Andrey Matveev
  • Caitlin Mercer
  • Dagobert Michelsen
  • Andrea Montefusco
  • Mansour Moufid
  • Mina Naguib
  • Felix Nawothnig
  • Trond Norbye
  • Linus Nordberg
  • Richard Nyberg
  • Jon Oberheide
  • John Ohl
  • Phil Oleson
  • Alexey Ozeritsky
  • Dave Pacheco
  • Derrick Pallas
  • Tassilo von Parseval
  • Catalin Patulea
  • Patrick Pelletier
  • Simon Perreault
  • Dan Petro
  • Pierre Phaneuf
  • Amarin Phaosawasdi
  • Ryan Phillips
  • Dimitre Piskyulev
  • Pavel Plesov
  • Jon Poland
  • Roman Puls
  • Nate R
  • Robert Ransom
  • Balint Reczey
  • Bert JW Regeer
  • Nate Rosenblum
  • Peter Rosin
  • Maseeb Abdul Qadir
  • Wang Qin
  • Alex S
  • Gyepi Sam
  • Hanna Schroeter
  • Ralf Schmitt
  • Mike Smellie
  • Steve Snyder
  • Nir Soffer
  • Dug Song
  • Dongsheng Song
  • Hannes Sowa
  • Joakim Soderberg
  • Joseph Spadavecchia
  • Kevin Springborn
  • Harlan Stenn
  • Andrew Sweeney
  • Ferenc Szalai
  • Brodie Thiesfield
  • Jason Toffaletti
  • Brian Utterback
  • Gisle Vanem
  • Bas Verhoeven
  • Constantine Verutin
  • Colin Watt
  • Zack Weinberg
  • Jardel Weyrich
  • Jay R. Wren
  • Zack Weinberg
  • Mobai Zhang
  • Alejo
  • Alex
  • Taral
  • propanbutan
  • masksqwe
  • mmadia
  • yangacer

If we have forgotten your name, please contact us.

Something went wrong with that request. Please try again.