[ViewVC] Diff of: cvs/CBOR-XS/Changes

Comparing CBOR-XS/Changes (file contents):
Revision 1.18 by root, Tue Oct 29 22:04:52 2013 UTC vs.
Revision 1.87 by root, Tue Dec 8 08:29:43 2020 UTC

1	Revision history for Perl extension CBOR::XS	1	Revision history for Perl extension CBOR::XS
		2
		3	TODO: pack_keys?
		4	TODO: document encode_cbor_sharing?
		5	TODO: weaken cyclic structures?
		6	TODO: large negative integers
		7	TODO: type cast tests.
		8	TODO: possibly implement https://peteroupc.github.io/CBOR/extended.html, but NaNs are nonportable. rely on libecb?
		9	TODO: https://github.com/svaarala/cbor-specs/blob/master/cbor-nonutf8-string-tags.rst, but maybe that is overkill?
		10
		11	1.83 Tue Dec 8 09:27:06 CET 2020
		12	- add CBOR::XS::as_map cast function.
		13
		14	1.82 Tue Dec 1 02:47:40 CET 2020
		15	- add CBOR::XS::as_bool cast function.
		16
		17	1.81 Mon Nov 30 19:29:33 CET 2020
		18	- cast functions were broken due to last-minute renaming. thats
		19	what you get for not having a tessuite.
		20	- Math::BigInt and Math::BigFloat are pretty broken (again),
		21	so disable some tests. (try printing the bigfloat
		22	799999999999999999998E99999999999999999998).
		23
		24	1.8 Sun Nov 29 22:35:13 CET 2020
		25	- experimental support for some type casts, as well as embedding
		26	raw cbor data.
		27
		28	1.71 Thu Nov 15 20:52:13 CET 2018
		29	- work around what smells like a perl bug w.r.t. exceptions
		30	thrown in callbacks.
		31	- update libecb.
		32
		33	1.7 Tue Jun 27 04:02:23 CEST 2017
		34	- SECURITY FIX: fix two bugs found by american fuzzy lop,
		35	upgrade is advised if you accept data from untrusted
		36	sources.
		37	- an out-of bound sharedref or stringref index could cause an
		38	out of bounds access - might be exploitable.
		39	- a decoding error during indefinite array or hash decoding
		40	could cause an endless loop.
		41
		42	1.6 Wed Dec 7 15:13:23 CET 2016
		43	- greatly expand the SECURITY IMPLICATIONS and similar sections.
		44	- new constructor new_safe, to create a secure CBOR::XS object.
		45	- new option forbid_objects, to disallow serialisation.
		46	- new CBOR::XS::safe_filter functionality.
		47	- fix a crash when decoding a cyclic data structure using
		48	stringref/pack_strings when allow_cycles is disabled.
		49	- fix a crash when decoding hash keys with length >= 2**31.
		50	- avoid unreasonably long decoding times for certain
		51	types of (corrupt) cbor texts.
		52	- support arrays and hashes with >= 2**31 members.
		53	- avoid overflow on pointer arithmetic when checking whether enough
		54	data is available.
		55	- fix a memory leak that occured when decoding failed while decoding
		56	a tagged value.
		57	- do not leak the partially constructed result when stringifying
		58	a hash key throws an exception.
		59	- various code size and efficiency optimizations (reduced code
		60	from 42 to 40kB on my system, despite the new features).
		61
		62	1.5 Wed Apr 27 11:38:39 CEST 2016
		63	- Math::BigFloat madness workaround, see
		64	http://blog.schmorp.de/2016-04-23-mathbigfloat-maintainer-fail.html
		65	(bugreport by zdm@softvisio.net).
		66	- add text_keys and text_strings options to force CBOR text encoding
		67	for perl hash keys or all strings, as a result of discussions
		68	with Fredrik Ljunggren.
		69	- implement support for arbitrary-exponent numbers (see
		70	http://peteroupc.github.io/CBOR/bigfrac.html, tags 264 and 265)
		71	for both en- and decoding.
		72	- implement support for rational numbers (see
		73	http://peteroupc.github.io/CBOR/rational.html, tag 30) for both
		74	en- and decoding.
		75	- the above effectively implements all registered CBOR extensions
		76	in a sensible manner.
		77	- remove some weird dead code that was duplicated (%FILTER).
		78	- add t/58_hv.t, which tests hashes and the new text_* flags.
		79	hashes apparently were not encoded at all in any of the existing
		80	tests.
		81	- document Math::BigFloat base-2 performance/crash issues.
		82	- use stability canary.
		83
		84	1.41 Thu 25 Feb 15:22:03 CET 2016
		85	- avoid perl panics on nested FREEZE/THAW calls (testcase by
		86	Victor Efimov).
		87
		88	1.4 Mon Feb 8 05:10:15 CET 2016
		89	- buffer overflow fix: a fast path during decoding did not check
		90	remaining length when decoding hash keys, found by fuzzing.
		91	This can potentially leak information in the error message
		92	or crash the process.
		93	- use C style { 0 } struct initializer.
		94	- upgrade libecb.
		95
		96	1.3 Mon Apr 27 22:21:04 CEST 2015
		97	- the incremental parser didn't properly parse tagged values
		98	(testcase by Mons Anderson).
		99	- slightly speed up encoding of plain (nonmagical) arrays.
		100	- try to clarify further that effectively all 32 bit architectures
		101	have 64 bit integer support.
		102	- upgrade libecb.
		103
		104	1.26 Sat Oct 25 08:35:44 CEST 2014
		105	- update the t/57_incr.t subtest that would rely on 64 bit ints.
		106	- disable t/50_rfc.t test that fails because of broken data::dumper.
		107
		108	1.25 Sun Jan 5 15:19:14 CET 2014
		109	- map key decoding was pretty much botched due to the recent cleanups.
		110	- work around Time::Piece->epoch returning a string value, avoid encoding
		111	this as a tag 1 string.
		112	- enable more testcases in t/50_rfc.t, now that they work :)
		113
		114	1.2 Tue Dec 10 22:06:42 CET 2013
		115	- implement an incremental decoder.
		116
		117	1.12 Tue Dec 3 11:23:22 CET 2013
		118	- work around broken Time::Piece (in old versions of the module, %z doesn't
		119	work as documented, gives different results on different platforms(!)).
		120
		121	1.11 Sun Dec 1 18:00:00 CET 2013
		122	- new setting: validate_utf8, for when you can't trust your cbor data.
		123	- do not leak memory on decoding errors, when allow_cycles is enabled.
		124	- add default filters for tags 0 and 1, using Time::Piece.
		125	- more tests added.
		126
		127	1.1 Sat Nov 30 19:14:27 CET 2013
		128	- INCOMPATIBLE CHANGE: new decoder setting: allow_cyclic, needed to decode
		129	cyclic data structures (to avoid memleaks in unsuspecting code).
		130	- no longer "share" references that aren't, i.e. true/false/null/error/tagged.
		131	- fix stringref w.r.t. indefinite-length strings.
		132	- verify indefinite-length string chunk types.
		133	- do not allow extremely large arrays - assume an array element
		134	requires at least one CBOR byte, to avoid memory exhaustion attacks.
		135	- major code overhaul.
		136
		137	1.0 Thu Nov 28 16:43:31 CET 2013
		138	- use the now official tag values for extensions. remove the
		139	experimental notice. it's the real thing now, with real bugs.
		140	- renamed allow_stringref to pack_strings.
		141	- port to perl <= 5.16.
		142	- slightly improve the documentation.
		143
		144	0.09 Fri Nov 22 16:54:18 CET 2013
		145	- bignum/bigfloat/decimal support.
		146	- uri support.
		147	- tag filter functions support for decoding.
		148	- do not support reference-to-1/0/undef anymore, you need to use
		149	the Types::Serialiser objects now.
		150	- experimental sharable extension support (http://cbor.schmorp.de/value-sharing).
		151	- experimental stringref extension support (http://cbor.schmorp.de/stringref).
		152	- implement indirection tag (http://cbor.schmorp.de/indirection).
		153
		154	0.08 Wed Oct 30 11:10:43 CET 2013
		155	- defused another too fragile test.
2		156
3	0.07 Tue Oct 29 23:04:07 CET 2013	157	0.07 Tue Oct 29 23:04:07 CET 2013
4	- don't crash in decode when silly values are passed in.	158	- don't crash in decode when silly values are passed in.
5	- considerably speed up map decoding when map keys	159	- considerably speed up map decoding when map keys
6	are utf-8 or byte strings.	160	are utf-8 or byte strings.

Diff Legend

-–
+Removed lines
-+
+Added lines
-<
+Changed lines
->
+Changed lines

Comparing CBOR-XS/Changes (file contents): Revision 1.18 by root, Tue Oct 29 22:04:52 2013 UTC vs. Revision 1.87 by root, Tue Dec 8 08:29:43 2020 UTC

Diff Legend

Comparing CBOR-XS/Changes (file contents):
Revision 1.18 by root, Tue Oct 29 22:04:52 2013 UTC vs.
Revision 1.87 by root, Tue Dec 8 08:29:43 2020 UTC