The project has been getting a flood of private vulnerability reports, most of which are invalid, and a few of which should have just been normal bugs. This has essentially been a DoS attack on maintainer time, since we're unable to change them into normal bugs after assessment. We now have a libuv-security@googlegroups.com list instead to help redirect those seeking CVE fame. The hope is to redirect most people to actually use the issue list as it has always been intended to be used.
Remove the conditionals so that posix_spawn will be used whenever
possible, and not only on Apple.
Tests specifically if posix_spawn works before using it: it is broken
on QEMU with glibc, for example, since fork/clone is broken there.
Copy the optimization from tcp/udp stack: when read/writes don't require
IOCP to complete, put them directly right into the pending queue, so
they can be processed without a full loop through IOCP each time to
drain them asynchronously.
Because libuv truncates the result of every call to INT32_MAX, it needs
to internally limit operations to INT32_MAX to be safe to use libuv.
This isn't an API change, since these operations weren't guaranteed to
work, and in fact usually failed in bizarre ways already. This is very
long in coming, since we've had a lot of compiler warnings about this
and several PRs to fix this open for a decade, but the main consumers
that usually fix things didn't care (nodejs is 32-bit and julia patched
this downstream more than a decade ago, though it did run into this
again recently by mistake with sendfile).
Replaces #1501
Fixes #3360
Add a new `UV_PROCESS_WINDOWS_RESOLVE_BATCH` flag, which allows
.cmd and .bat files to be considered when resolving an executable
without an explicit extension on Windows.
This is useful for some cross-platform solutions that may spawn
processes without specifying extensions (#5088).
Previously, the user might unknowingly close a uv_process_t before
doing waitpid on the zombie, leaving it forever undead. Track the state
of the child, so that the application wrapper can avoid this by calling
uv_process_kill and checking for UV_ESRCH error.
- Replace dead developer.ibm.com AIX article with current IBM Docs URL
- Update IBM Knowledge Centre z/OS URL to new ibm.com/docs location
- Update docs.microsoft.com links to learn.microsoft.com
- Update curl.haxx.se links to curl.se
- Update c-ares.haxx.se to c-ares.org
- Update tools.ietf.org RFC link to datatracker.ietf.org
- Update www.tldp.org links to tldp.org (drop www)
- Update www.nodejs.org and www.rust-lang.org (drop www)
- Upgrade http://docs.libuv.org links to https
- Replace dead kkaefer.com link with GitHub Pages + YouTube video
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Fixed race conditions and memory safety issues in the progress example
by using C11 atomic operations for proper thread synchronization.
Changes:
- Changed percentage from double to _Atomic double
- Use atomic_store_explicit() with memory_order_release when writing
- Use atomic_load_explicit() with memory_order_acquire when reading
- Removed unsafe pointer passing via async.data
This ensures proper memory synchronization between the worker thread
and async callback, preventing data races and dangling pointer issues.
Fixes #4386
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Replaces `[image]` tags in libuv manual page with a textual
representation of the graphical image.
In addition, added alternative text for graphical deliverables.
Fixes: https://github.com/libuv/libuv/issues/4708
This is not precisely a strict rule, but this syntax is reinforced in many
large C projects like the Linux kernel and cURL.
Signed-off-by: Juan José Arboleda <soyjuanarbol@gmail.com>
Port 143da93e to Windows: replace the 250 ms settle delay with a pipe-
based synchronization mechanism. The parent creates a pipe, passes the
write-end handle to the helper via UV_TEST_RUNNER_FD, then blocks on
ReadFile() until the helper calls notify_parent_process() and closes its
copy of the handle.
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
When the user calls uv_async_send concurrently with uv_loop_close, we
try to prevent that data race from actually accessing undefined behavior
by setting the pending flag atomically with the busy flag. This was
proposed in the original PR, but we didn't have motivation to go with
this implementation until a user pointed out that it improves behavior
of the race window in more cases.
Reserve one byte for the NUL terminator when passing the buffer size
to uv_utf16_to_wtf8() in the TTY line-read path. Without this, when
all input characters encode to exactly 3 UTF-8 bytes (e.g. CJK) and
the buffer size is divisible by 3, the NUL terminator is written one
byte past the allocated buffer.
The other two call sites in src/win/util.c already subtract 1 before
calling uv_utf16_to_wtf8(). This aligns tty.c with that convention.
Fixes commit f3889085 ("win,tty: convert line-read UTF-16 to WTF-8")
from October 2023.
Refs: https://github.com/libuv/libuv/security/advisories/GHSA-4prr-4742-3ccf
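The off-by-one described in the commit message above, reproduced as an added example (not libuv's code and not part of the commit). The converter `utf16_to_utf8_z`, the 6-byte `BUF_SIZE`, the guard byte and the inputs are all constructed for illustration, and the example assumes the caller reads at most `BUF_SIZE / 3` UTF-16 code units.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 6            /* caller's buffer size, divisible by 3 */
#define CANARY ((char) 0x5A)  /* guard value placed just past the buffer */

/* Hypothetical converter (BMP only): `cap` counts payload bytes, and a NUL
 * is always written at out[len], so the caller must own cap + 1 bytes. */
static size_t utf16_to_utf8_z(const uint16_t* in, size_t n, char* out, size_t cap) {
  size_t len = 0;
  for (size_t i = 0; i < n; i++) {
    uint16_t c = in[i];
    size_t need = c < 0x80 ? 1 : c < 0x800 ? 2 : 3;
    if (len + need > cap) break;          /* keep only whole characters */
    if (need == 1) {
      out[len++] = (char) c;
    } else if (need == 2) {
      out[len++] = (char) (0xC0 | (c >> 6));
      out[len++] = (char) (0x80 | (c & 0x3F));
    } else {
      out[len++] = (char) (0xE0 | (c >> 12));
      out[len++] = (char) (0x80 | ((c >> 6) & 0x3F));
      out[len++] = (char) (0x80 | (c & 0x3F));
    }
  }
  out[len] = '\0';            /* index == cap when the payload fills cap */
  return len;
}

/* Returns 1 if the byte one past the BUF_SIZE-byte buffer was overwritten.
 * The backing array carries one extra guard byte so the demo stays in bounds. */
static int overruns(const uint16_t* in, size_t n, size_t cap_passed) {
  char backing[BUF_SIZE + 1];
  memset(backing, CANARY, sizeof(backing));
  utf16_to_utf8_z(in, n, backing, cap_passed);
  return backing[BUF_SIZE] != CANARY;
}

/* Constructed inputs, BUF_SIZE / 3 code units each. */
static const uint16_t CJK[]   = { 0x4E2D, 0x6587 };  /* 3 + 3 UTF-8 bytes */
static const uint16_t MIXED[] = { 'a', 0x4E2D };     /* 1 + 3 UTF-8 bytes */

int main(void) {
  printf("cjk,   cap=size:   %d\n", overruns(CJK, 2, BUF_SIZE));
  printf("mixed, cap=size:   %d\n", overruns(MIXED, 2, BUF_SIZE));
  printf("cjk,   cap=size-1: %d\n", overruns(CJK, 2, BUF_SIZE - 1));
  return 0;
}
```

Only the all-3-byte input fills the buffer exactly, which is why the overrun needs that input shape; passing `BUF_SIZE - 1` makes this stand-in stop one character early instead of writing past the end.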
Previously, `uv__udp_io` would proceed to call `uv__udp_recvmsg` for
the `POLLERR` event even if the handle was just closed by the `POLLIN`
callback.
This commit adds a guard to verify the handle is still active before
processing the error queue. It also adds a regression test that
mimics this recursive closure behavior.
Fixes: https://github.com/libuv/libuv/issues/5030
Signed-off-by: Juan José Arboleda <soyjuanarbol@gmail.com>
Fix the casting of const char variables with const char returns from
functions, when the data being returned is not being modified. Includes
a partial revert of "unix: fix compilation warnings with GCC 15"
This reverts commit 50ed2fd7bd.
Do not cast const char to char unnecessarily. Refactor function to use
char s only when slash is in the path.
Fixes:
[6/73] Building C object CMakeFiles/uv.dir/src/inet.c.o
../src/inet.c: In function 'uv_inet_pton':
../src/inet.c:157:7: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers]
157 | p = strchr(src, '%');
| ^
Signed-off-by: Rudi Heitbaum <rudi@heitbaum.com>
Fix #4814 by adding const annotation when assigning string literal
"unknown" to `char*` pointer.
This eliminates compiler warnings when building with strict
const-correctness flags like `-Wwrite-strings`.