[ViewVC] Annotation of: cvs/CBOR-XS/Changes

Revision history for Perl extension CBOR::XS

TODO: pack_keys?
TODO: document encode_cbor_sharing?
TODO: large negative integers
TODO: type cast tests.
TODO: round-tripping of types, such as float16 - maybe types::Serialiser support?
TODO: possibly implement https://peteroupc.github.io/CBOR/extended.html, but NaNs are nonportable. rely on libecb?
TODO: https://github.com/svaarala/cbor-specs/blob/master/cbor-nonutf8-string-tags.rst, but maybe that is overkill?

1.87 Fri 08 Sep 2023 22:14:18 CEST
        - shared references were not decoded correctly: instead of getting
          multiple references to the same object, you got the same
          reference to the same object, causing a number of issues. For
          example, modifying the reference would modify all places the
          reference was used, and encoding the decoded structure would
          unshare the previously shared hashes, as trheir reference count
          would be 1. Fixing this was rather involved, as perl lacks the
          ability to easily swap or copy arrays and hashes.
        - \0, \1, \undef do not work, and were not intended to ever work, as
          special values, despite being mentioned in the documentation (reported
          by nuclightq).
        - new feature: allow_weak_cycles.

1.86 Thu 04 Nov 2021 17:48:16 CET
        - fixed a wrong printf format specifier (reported by Petr Písař).

1.85 Sat 23 Oct 2021 04:59:56 CEST
        - left debugging printf in code, need a test for that :(

1.84 Thu 21 Oct 2021 03:11:52 CEST
        - fix a bug in validate_utf8 where we call perl's is_utf8_string with
          a lenght of zero for empty strings, but perl interprets that as
          "calculate length", causing spurious validation errors for
          empty strings.
        - include validate_utf8 in new_safe.
        - avoid some warnings.

1.83 Tue Dec  8 09:27:06 CET 2020
        - add CBOR::XS::as_map cast function.

1.82 Tue Dec  1 02:47:40 CET 2020
        - add CBOR::XS::as_bool cast function.

1.81 Mon Nov 30 19:29:33 CET 2020
        - cast functions were broken due to last-minute renaming. thats
          what you get for not having a tessuite.
        - Math::BigInt and Math::BigFloat are pretty broken (again),
          so disable some tests. (try printing the bigfloat
          799999999999999999998E99999999999999999998).

1.8  Sun Nov 29 22:35:13 CET 2020
        - experimental support for some type casts, as well as embedding
          raw cbor data.

1.71 Thu Nov 15 20:52:13 CET 2018
        - work around what smells like a perl bug w.r.t. exceptions
          thrown in callbacks.
        - update libecb.

1.7  Tue Jun 27 04:02:23 CEST 2017
        - SECURITY FIX: fix two bugs found by american fuzzy lop,
          upgrade is advised if you accept data from untrusted
          sources.
        - an out-of bound sharedref or stringref index could cause an
          out of bounds access - might be exploitable.
        - a decoding error during indefinite array or hash decoding
          could cause an endless loop.

1.6  Wed Dec  7 15:13:23 CET 2016
        - greatly expand the SECURITY IMPLICATIONS and similar sections.
        - new constructor new_safe, to create a secure CBOR::XS object.
        - new option forbid_objects, to disallow serialisation.
        - new CBOR::XS::safe_filter functionality.
        - fix a crash when decoding a cyclic data structure using
          stringref/pack_strings when allow_cycles is disabled.
        - fix a crash when decoding hash keys with length >= 2**31.
        - avoid unreasonably long decoding times for certain
          types of (corrupt) cbor texts.
        - support arrays and hashes with >= 2**31 members.
        - avoid overflow on pointer arithmetic when checking whether enough
          data is available.
        - fix a memory leak that occured when decoding failed while decoding
          a tagged value.
        - do not leak the partially constructed result when stringifying
          a hash key throws an exception.
        - various code size and efficiency optimizations (reduced code
          from 42 to 40kB on my system, despite the new features).

1.5  Wed Apr 27 11:38:39 CEST 2016
        - Math::BigFloat madness workaround, see
          http://blog.schmorp.de/2016-04-23-mathbigfloat-maintainer-fail.html
          (bugreport by zdm@softvisio.net).
        - add text_keys and text_strings options to force CBOR text encoding
          for perl hash keys or all strings, as a result of discussions
          with Fredrik Ljunggren.
        - implement support for arbitrary-exponent numbers (see
          http://peteroupc.github.io/CBOR/bigfrac.html, tags 264 and 265)
          for both en- and decoding.
        - implement support for rational numbers (see
          http://peteroupc.github.io/CBOR/rational.html, tag 30) for both
          en- and decoding.
        - the above effectively implements all registered CBOR extensions
          in a sensible manner.
        - remove some weird dead code that was duplicated (%FILTER).
        - add t/58_hv.t, which tests hashes and the new text_* flags.
          hashes apparently were not encoded at all in any of the existing
          tests.
        - document Math::BigFloat base-2 performance/crash issues.
        - use stability canary.

1.41 Thu 25 Feb 15:22:03 CET 2016
        - avoid perl panics on nested FREEZE/THAW calls (testcase by
          Victor Efimov).

1.4  Mon Feb  8 05:10:15 CET 2016
        - buffer overflow fix: a fast path during decoding did not check
          remaining length when decoding hash keys, found by fuzzing.
          This can potentially leak information in the error message
          or crash the process.
        - use C style { 0 } struct initializer.
        - upgrade libecb.

1.3  Mon Apr 27 22:21:04 CEST 2015
        - the incremental parser didn't properly parse tagged values
          (testcase by Mons Anderson).
        - slightly speed up encoding of plain (nonmagical) arrays.
        - try to clarify further that effectively all 32 bit architectures
          have 64 bit integer support.
        - upgrade libecb.

1.26 Sat Oct 25 08:35:44 CEST 2014
        - update the t/57_incr.t subtest that would rely on 64 bit ints.
        - disable t/50_rfc.t test that fails because of broken data::dumper.

1.25 Sun Jan  5 15:19:14 CET 2014
        - map key decoding was pretty much botched due to the recent cleanups.
        - work around Time::Piece->epoch returning a string value, avoid encoding
          this as a tag 1 string.
        - enable more testcases in t/50_rfc.t, now that they work :)

1.2  Tue Dec 10 22:06:42 CET 2013
        - implement an incremental decoder.

1.12 Tue Dec  3 11:23:22 CET 2013
        - work around broken Time::Piece (in old versions of the module, %z doesn't
          work as documented, gives different results on different platforms(!)).

1.11 Sun Dec  1 18:00:00 CET 2013
        - new setting: validate_utf8, for when you can't trust your cbor data.
        - do not leak memory on decoding errors, when allow_cycles is enabled.
        - add default filters for tags 0 and 1, using Time::Piece.
        - more tests added.

1.1  Sat Nov 30 19:14:27 CET 2013
        - INCOMPATIBLE CHANGE: new decoder setting: allow_cyclic, needed to decode
          cyclic data structures (to avoid memleaks in unsuspecting code).
        - no longer "share" references that aren't, i.e. true/false/null/error/tagged.
        - fix stringref w.r.t. indefinite-length strings.
        - verify indefinite-length string chunk types.
        - do not allow extremely large arrays - assume an array element
          requires at least one CBOR byte, to avoid memory exhaustion attacks.
        - major code overhaul.

1.0  Thu Nov 28 16:43:31 CET 2013
        - use the now official tag values for extensions. remove the
          experimental notice. it's the real thing now, with real bugs.
        - renamed allow_stringref to pack_strings.
        - port to perl <= 5.16.
        - slightly improve the documentation.

0.09  Fri Nov 22 16:54:18 CET 2013
        - bignum/bigfloat/decimal support.
        - uri support.
        - tag filter functions support for decoding.
        - do not support reference-to-1/0/undef anymore, you need to use
          the Types::Serialiser objects now.
        - experimental sharable extension support (http://cbor.schmorp.de/value-sharing).
        - experimental stringref extension support (http://cbor.schmorp.de/stringref).
        - implement indirection tag (http://cbor.schmorp.de/indirection).

0.08  Wed Oct 30 11:10:43 CET 2013
        - defused another too fragile test.

0.07  Tue Oct 29 23:04:07 CET 2013
        - don't crash in decode when silly values are passed in.
        - considerably speed up map decoding when map keys
          are utf-8 or byte strings.
        - raising an exception in THAW should now work without
          leaking.

0.06  Tue Oct 29 16:56:07 CET 2013
        - do not leak when deserialiasing via THAW.
        - implement and document CBOR::XS creation/access/mutate
          methods.

0.05  Mon Oct 28 22:27:47 CET 2013
        - do not leak hash keys on decoding.

0.04  Sun Oct 27 23:47:47 CET 2013
        - implement TO_CBOR/FREEZE/THAW serialisation protocols.
        - requested perl-object and generic-object tags from iana.
        - switched to Types::Serialiser for true, false and error.
        - disabled some fragile tests (thanks, andk).

0.03  Sun Oct 27 00:28:41 CEST 2013
        - improve 32 bit platform compatibility.
        - take more advantage of ecb.h.
        - preliminary and bare-bones tagged support.
        - improved docs.

0.02  Sat Oct 26 13:08:05 CEST 2013
        - no aborts left.
        - add $CBOR::XS::MAGIC.
        - preliminary tagged decoding to arrayref.
        - indefinite encoding fixed.
        - half float decoding implemented.
        - t/50_rfc.t adds test vectors from the rfc, which
          are checked as applicable.

0.01  Fri Oct 25 21:39:56 CEST 2013
        - original version; cloned from JSON-XS

Revision:	1.99
Committed:	Fri Sep 8 20:16:09 2023 UTC (8 months, 1 week ago) by root
Branch:	MAIN
CVS Tags:	rel-1_87, HEAD
Changes since 1.98:	+3 -4 lines
Log Message:	* empty log message *
#	User	Rev	Content
1	root	1.1	Revision history for Perl extension CBOR::XS
2
3	root	1.30	TODO: pack_keys?
4	root	1.36	TODO: document encode_cbor_sharing?
5	root	1.70	TODO: large negative integers
6	root	1.79	TODO: type cast tests.
7	root	1.93	TODO: round-tripping of types, such as float16 - maybe types::Serialiser support?
8	root	1.81	TODO: possibly implement https://peteroupc.github.io/CBOR/extended.html, but NaNs are nonportable. rely on libecb?
9			TODO: https://github.com/svaarala/cbor-specs/blob/master/cbor-nonutf8-string-tags.rst, but maybe that is overkill?
10	root	1.84
11	root	1.99	1.87 Fri 08 Sep 2023 22:14:18 CEST
12	root	1.97	- shared references were not decoded correctly: instead of getting
13			multiple references to the same object, you got the same
14			reference to the same object, causing a number of issues. For
15			example, modifying the reference would modify all places the
16			reference was used, and encoding the decoded structure would
17			unshare the previously shared hashes, as trheir reference count
18	root	1.99	would be 1. Fixing this was rather involved, as perl lacks the
19			ability to easily swap or copy arrays and hashes.
20	root	1.95	- \0, \1, \undef do not work, and were not intended to ever work, as
21			special values, despite being mentioned in the documentation (reported
22			by nuclightq).
23	root	1.98	- new feature: allow_weak_cycles.
24	root	1.95
25	root	1.93	1.86 Thu 04 Nov 2021 17:48:16 CET
26	root	1.92	- fixed a wrong printf format specifier (reported by Petr Písař).
27
28	root	1.91	1.85 Sat 23 Oct 2021 04:59:56 CEST
29			- left debugging printf in code, need a test for that :(
30
31	root	1.90	1.84 Thu 21 Oct 2021 03:11:52 CEST
32			- fix a bug in validate_utf8 where we call perl's is_utf8_string with
33			a lenght of zero for empty strings, but perl interprets that as
34			"calculate length", causing spurious validation errors for
35			empty strings.
36	root	1.89	- include validate_utf8 in new_safe.
37	root	1.88	- avoid some warnings.
38
39	root	1.87	1.83 Tue Dec 8 09:27:06 CET 2020
40			- add CBOR::XS::as_map cast function.
41
42	root	1.85	1.82 Tue Dec 1 02:47:40 CET 2020
43	root	1.84	- add CBOR::XS::as_bool cast function.
44	root	1.81
45	root	1.82	1.81 Mon Nov 30 19:29:33 CET 2020
46	root	1.84	- cast functions were broken due to last-minute renaming. thats
47			what you get for not having a tessuite.
48	root	1.81	- Math::BigInt and Math::BigFloat are pretty broken (again),
49			so disable some tests. (try printing the bigfloat
50			799999999999999999998E99999999999999999998).
51	root	1.79
52	root	1.80	1.8 Sun Nov 29 22:35:13 CET 2020
53	root	1.79	- experimental support for some type casts, as well as embedding
54			raw cbor data.
55	root	1.76
56	root	1.78	1.71 Thu Nov 15 20:52:13 CET 2018
57			- work around what smells like a perl bug w.r.t. exceptions
58			thrown in callbacks.
59			- update libecb.
60
61	root	1.77	1.7 Tue Jun 27 04:02:23 CEST 2017
62			- SECURITY FIX: fix two bugs found by american fuzzy lop,
63			upgrade is advised if you accept data from untrusted
64			sources.
65			- an out-of bound sharedref or stringref index could cause an
66			out of bounds access - might be exploitable.
67			- a decoding error during indefinite array or hash decoding
68			could cause an endless loop.
69
70	root	1.76	1.6 Wed Dec 7 15:13:23 CET 2016
71	root	1.75	- greatly expand the SECURITY IMPLICATIONS and similar sections.
72	root	1.74	- new constructor new_safe, to create a secure CBOR::XS object.
73			- new option forbid_objects, to disallow serialisation.
74			- new CBOR::XS::safe_filter functionality.
75	root	1.69	- fix a crash when decoding a cyclic data structure using
76			stringref/pack_strings when allow_cycles is disabled.
77	root	1.71	- fix a crash when decoding hash keys with length >= 2**31.
78			- avoid unreasonably long decoding times for certain
79	root	1.75	types of (corrupt) cbor texts.
80	root	1.71	- support arrays and hashes with >= 2**31 members.
81			- avoid overflow on pointer arithmetic when checking whether enough
82			data is available.
83	root	1.72	- fix a memory leak that occured when decoding failed while decoding
84			a tagged value.
85	root	1.73	- do not leak the partially constructed result when stringifying
86			a hash key throws an exception.
87	root	1.74	- various code size and efficiency optimizations (reduced code
88	root	1.75	from 42 to 40kB on my system, despite the new features).
89	root	1.46
90	root	1.67	1.5 Wed Apr 27 11:38:39 CEST 2016
91	root	1.61	- Math::BigFloat madness workaround, see
92			http://blog.schmorp.de/2016-04-23-mathbigfloat-maintainer-fail.html
93	root	1.57	(bugreport by zdm@softvisio.net).
94	root	1.61	- add text_keys and text_strings options to force CBOR text encoding
95			for perl hash keys or all strings, as a result of discussions
96			with Fredrik Ljunggren.
97	root	1.64	- implement support for arbitrary-exponent numbers (see
98			http://peteroupc.github.io/CBOR/bigfrac.html, tags 264 and 265)
99			for both en- and decoding.
100	root	1.65	- implement support for rational numbers (see
101			http://peteroupc.github.io/CBOR/rational.html, tag 30) for both
102			en- and decoding.
103	root	1.67	- the above effectively implements all registered CBOR extensions
104	root	1.66	in a sensible manner.
105	root	1.67	- remove some weird dead code that was duplicated (%FILTER).
106	root	1.60	- add t/58_hv.t, which tests hashes and the new text_* flags.
107	root	1.67	hashes apparently were not encoded at all in any of the existing
108	root	1.60	tests.
109	root	1.67	- document Math::BigFloat base-2 performance/crash issues.
110	root	1.62	- use stability canary.
111	root	1.57
112	root	1.56	1.41 Thu 25 Feb 15:22:03 CET 2016
113			- avoid perl panics on nested FREEZE/THAW calls (testcase by
114			Victor Efimov).
115
116	root	1.54	1.4 Mon Feb 8 05:10:15 CET 2016
117			- buffer overflow fix: a fast path during decoding did not check
118			remaining length when decoding hash keys, found by fuzzing.
119	root	1.55	This can potentially leak information in the error message
120			or crash the process.
121	root	1.53	- use C style { 0 } struct initializer.
122	root	1.54	- upgrade libecb.
123	root	1.53
124	root	1.52	1.3 Mon Apr 27 22:21:04 CEST 2015
125			- the incremental parser didn't properly parse tagged values
126			(testcase by Mons Anderson).
127	root	1.50	- slightly speed up encoding of plain (nonmagical) arrays.
128	root	1.51	- try to clarify further that effectively all 32 bit architectures
129			have 64 bit integer support.
130	root	1.52	- upgrade libecb.
131	root	1.50
132	root	1.49	1.26 Sat Oct 25 08:35:44 CEST 2014
133	root	1.47	- update the t/57_incr.t subtest that would rely on 64 bit ints.
134	root	1.48	- disable t/50_rfc.t test that fails because of broken data::dumper.
135	root	1.47
136	root	1.46	1.25 Sun Jan 5 15:19:14 CET 2014
137			- map key decoding was pretty much botched due to the recent cleanups.
138			- work around Time::Piece->epoch returning a string value, avoid encoding
139			this as a tag 1 string.
140			- enable more testcases in t/50_rfc.t, now that they work :)
141
142			1.2 Tue Dec 10 22:06:42 CET 2013
143			- implement an incremental decoder.
144	root	1.39
145	root	1.44	1.12 Tue Dec 3 11:23:22 CET 2013
146	root	1.45	- work around broken Time::Piece (in old versions of the module, %z doesn't
147			work as documented, gives different results on different platforms(!)).
148	root	1.43
149	root	1.42	1.11 Sun Dec 1 18:00:00 CET 2013
150	root	1.39	- new setting: validate_utf8, for when you can't trust your cbor data.
151			- do not leak memory on decoding errors, when allow_cycles is enabled.
152	root	1.41	- add default filters for tags 0 and 1, using Time::Piece.
153	root	1.42	- more tests added.
154	root	1.30
155	root	1.37	1.1 Sat Nov 30 19:14:27 CET 2013
156	root	1.36	- INCOMPATIBLE CHANGE: new decoder setting: allow_cyclic, needed to decode
157			cyclic data structures (to avoid memleaks in unsuspecting code).
158	root	1.37	- no longer "share" references that aren't, i.e. true/false/null/error/tagged.
159	root	1.32	- fix stringref w.r.t. indefinite-length strings.
160			- verify indefinite-length string chunk types.
161	root	1.35	- do not allow extremely large arrays - assume an array element
162	root	1.37	requires at least one CBOR byte, to avoid memory exhaustion attacks.
163	root	1.34	- major code overhaul.
164	root	1.32
165	root	1.31	1.0 Thu Nov 28 16:43:31 CET 2013
166	root	1.28	- use the now official tag values for extensions. remove the
167			experimental notice. it's the real thing now, with real bugs.
168	root	1.29	- renamed allow_stringref to pack_strings.
169	root	1.27	- port to perl <= 5.16.
170	root	1.31	- slightly improve the documentation.
171	root	1.27
172	root	1.25	0.09 Fri Nov 22 16:54:18 CET 2013
173	root	1.24	- bignum/bigfloat/decimal support.
174			- uri support.
175			- tag filter functions support for decoding.
176	root	1.21	- do not support reference-to-1/0/undef anymore, you need to use
177			the Types::Serialiser objects now.
178			- experimental sharable extension support (http://cbor.schmorp.de/value-sharing).
179	root	1.22	- experimental stringref extension support (http://cbor.schmorp.de/stringref).
180	root	1.21	- implement indirection tag (http://cbor.schmorp.de/indirection).
181
182	root	1.20	0.08 Wed Oct 30 11:10:43 CET 2013
183	root	1.19	- defused another too fragile test.
184
185	root	1.18	0.07 Tue Oct 29 23:04:07 CET 2013
186	root	1.17	- don't crash in decode when silly values are passed in.
187			- considerably speed up map decoding when map keys
188			are utf-8 or byte strings.
189	root	1.18	- raising an exception in THAW should now work without
190			leaking.
191	root	1.17
192	root	1.16	0.06 Tue Oct 29 16:56:07 CET 2013
193	root	1.14	- do not leak when deserialiasing via THAW.
194	root	1.15	- implement and document CBOR::XS creation/access/mutate
195			methods.
196	root	1.14
197	root	1.13	0.05 Mon Oct 28 22:27:47 CET 2013
198	root	1.12	- do not leak hash keys on decoding.
199
200	root	1.11	0.04 Sun Oct 27 23:47:47 CET 2013
201	root	1.10	- implement TO_CBOR/FREEZE/THAW serialisation protocols.
202	root	1.7	- requested perl-object and generic-object tags from iana.
203	root	1.9	- switched to Types::Serialiser for true, false and error.
204	root	1.8	- disabled some fragile tests (thanks, andk).
205	root	1.7
206	root	1.6	0.03 Sun Oct 27 00:28:41 CEST 2013
207	root	1.4	- improve 32 bit platform compatibility.
208	root	1.5	- take more advantage of ecb.h.
209	root	1.6	- preliminary and bare-bones tagged support.
210			- improved docs.
211	root	1.4
212	root	1.3	0.02 Sat Oct 26 13:08:05 CEST 2013
213			- no aborts left.
214			- add $CBOR::XS::MAGIC.
215			- preliminary tagged decoding to arrayref.
216	root	1.2	- indefinite encoding fixed.
217			- half float decoding implemented.
218			- t/50_rfc.t adds test vectors from the rfc, which
219			are checked as applicable.
220
221	root	1.1	0.01 Fri Oct 25 21:39:56 CEST 2013
222			- original version; cloned from JSON-XS
223