ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/CBOR-XS/Changes
(Generate patch)

Comparing CBOR-XS/Changes (file contents):
Revision 1.71 by root, Fri Nov 25 12:16:12 2016 UTC vs.
Revision 1.82 by root, Mon Nov 30 18:30:29 2020 UTC

1Revision history for Perl extension CBOR::XS 1Revision history for Perl extension CBOR::XS
2 2
3TODO: pack_keys? 3TODO: pack_keys?
4TODO: document encode_cbor_sharing? 4TODO: document encode_cbor_sharing?
5TODO: weaken cyclic structures? 5TODO: weaken cyclic structures?
6TODO: allowed_classes or so?
7TODO: large negative integers 6TODO: large negative integers
8TODO: russian guy test case exception 7TODO: type cast tests.
9TODO: allow_objects 8TODO: possibly implement https://peteroupc.github.io/CBOR/extended.html, but NaNs are nonportable. rely on libecb?
101.51 9TODO: https://github.com/svaarala/cbor-specs/blob/master/cbor-nonutf8-string-tags.rst, but maybe that is overkill?
11 - point out security implications of having unsafe THAW 10
12 function/methods in your process. 111.81 Mon Nov 30 19:29:33 CET 2020
12 - cast funbctions were broken due to last-minute renaming. thats
13 what you egt for not havign a tessuite.
14 - Math::BigInt and Math::BigFloat are pretty broken (again),
15 so disable some tests. (try printing the bigfloat
16 799999999999999999998E99999999999999999998).
17
181.8 Sun Nov 29 22:35:13 CET 2020
19 - experimental support for some type casts, as well as embedding
20 raw cbor data.
21
221.71 Thu Nov 15 20:52:13 CET 2018
23 - work around what smells like a perl bug w.r.t. exceptions
24 thrown in callbacks.
25 - update libecb.
26
271.7 Tue Jun 27 04:02:23 CEST 2017
28 - SECURITY FIX: fix two bugs found by american fuzzy lop,
29 upgrade is advised if you accept data from untrusted
30 sources.
31 - an out-of bound sharedref or stringref index could cause an
32 out of bounds access - might be exploitable.
33 - a decoding error during indefinite array or hash decoding
34 could cause an endless loop.
35
361.6 Wed Dec 7 15:13:23 CET 2016
37 - greatly expand the SECURITY IMPLICATIONS and similar sections.
38 - new constructor new_safe, to create a secure CBOR::XS object.
39 - new option forbid_objects, to disallow serialisation.
40 - new CBOR::XS::safe_filter functionality.
13 - fix a crash when decoding a cyclic data structure using 41 - fix a crash when decoding a cyclic data structure using
14 stringref/pack_strings when allow_cycles is disabled. 42 stringref/pack_strings when allow_cycles is disabled.
15 - fix a crash when decoding hash keys with length >= 2**31. 43 - fix a crash when decoding hash keys with length >= 2**31.
16 - avoid unreasonably long decoding times for certain 44 - avoid unreasonably long decoding times for certain
17 types of data corruption. 45 types of (corrupt) cbor texts.
18 - support arrays and hashes with >= 2**31 members. 46 - support arrays and hashes with >= 2**31 members.
19 - avoid overflow on pointer arithmetic when checking whether enough 47 - avoid overflow on pointer arithmetic when checking whether enough
20 data is available. 48 data is available.
49 - fix a memory leak that occured when decoding failed while decoding
50 a tagged value.
51 - do not leak the partially constructed result when stringifying
52 a hash key throws an exception.
53 - various code size and efficiency optimizations (reduced code
54 from 42 to 40kB on my system, despite the new features).
21 55
221.5 Wed Apr 27 11:38:39 CEST 2016 561.5 Wed Apr 27 11:38:39 CEST 2016
23 - Math::BigFloat madness workaround, see 57 - Math::BigFloat madness workaround, see
24 http://blog.schmorp.de/2016-04-23-mathbigfloat-maintainer-fail.html 58 http://blog.schmorp.de/2016-04-23-mathbigfloat-maintainer-fail.html
25 (bugreport by zdm@softvisio.net). 59 (bugreport by zdm@softvisio.net).

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines