ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/CBOR-XS/Changes
(Generate patch)

Comparing CBOR-XS/Changes (file contents):
Revision 1.71 by root, Fri Nov 25 12:16:12 2016 UTC vs.
Revision 1.84 by root, Tue Dec 1 01:49:47 2020 UTC

1Revision history for Perl extension CBOR::XS 1Revision history for Perl extension CBOR::XS
2 2
3TODO: pack_keys? 3TODO: pack_keys?
4TODO: document encode_cbor_sharing? 4TODO: document encode_cbor_sharing?
5TODO: weaken cyclic structures? 5TODO: weaken cyclic structures?
6TODO: allowed_classes or so?
7TODO: large negative integers 6TODO: large negative integers
8TODO: russian guy test case exception 7TODO: type cast tests.
9TODO: allow_objects 8TODO: possibly implement https://peteroupc.github.io/CBOR/extended.html, but NaNs are nonportable. rely on libecb?
101.51 9TODO: https://github.com/svaarala/cbor-specs/blob/master/cbor-nonutf8-string-tags.rst, but maybe that is overkill?
11 - point out security implications of having unsafe THAW 10
12 function/methods in your process. 111.81 Tue Dec 1 02:47:40 CET 2020
12 - add CBOR::XS::as_bool cast function.
13
141.81 Mon Nov 30 19:29:33 CET 2020
15 - cast functions were broken due to last-minute renaming. thats
16 what you get for not having a tessuite.
17 - Math::BigInt and Math::BigFloat are pretty broken (again),
18 so disable some tests. (try printing the bigfloat
19 799999999999999999998E99999999999999999998).
20
211.8 Sun Nov 29 22:35:13 CET 2020
22 - experimental support for some type casts, as well as embedding
23 raw cbor data.
24
251.71 Thu Nov 15 20:52:13 CET 2018
26 - work around what smells like a perl bug w.r.t. exceptions
27 thrown in callbacks.
28 - update libecb.
29
301.7 Tue Jun 27 04:02:23 CEST 2017
31 - SECURITY FIX: fix two bugs found by american fuzzy lop,
32 upgrade is advised if you accept data from untrusted
33 sources.
34 - an out-of bound sharedref or stringref index could cause an
35 out of bounds access - might be exploitable.
36 - a decoding error during indefinite array or hash decoding
37 could cause an endless loop.
38
391.6 Wed Dec 7 15:13:23 CET 2016
40 - greatly expand the SECURITY IMPLICATIONS and similar sections.
41 - new constructor new_safe, to create a secure CBOR::XS object.
42 - new option forbid_objects, to disallow serialisation.
43 - new CBOR::XS::safe_filter functionality.
13 - fix a crash when decoding a cyclic data structure using 44 - fix a crash when decoding a cyclic data structure using
14 stringref/pack_strings when allow_cycles is disabled. 45 stringref/pack_strings when allow_cycles is disabled.
15 - fix a crash when decoding hash keys with length >= 2**31. 46 - fix a crash when decoding hash keys with length >= 2**31.
16 - avoid unreasonably long decoding times for certain 47 - avoid unreasonably long decoding times for certain
17 types of data corruption. 48 types of (corrupt) cbor texts.
18 - support arrays and hashes with >= 2**31 members. 49 - support arrays and hashes with >= 2**31 members.
19 - avoid overflow on pointer arithmetic when checking whether enough 50 - avoid overflow on pointer arithmetic when checking whether enough
20 data is available. 51 data is available.
52 - fix a memory leak that occured when decoding failed while decoding
53 a tagged value.
54 - do not leak the partially constructed result when stringifying
55 a hash key throws an exception.
56 - various code size and efficiency optimizations (reduced code
57 from 42 to 40kB on my system, despite the new features).
21 58
221.5 Wed Apr 27 11:38:39 CEST 2016 591.5 Wed Apr 27 11:38:39 CEST 2016
23 - Math::BigFloat madness workaround, see 60 - Math::BigFloat madness workaround, see
24 http://blog.schmorp.de/2016-04-23-mathbigfloat-maintainer-fail.html 61 http://blog.schmorp.de/2016-04-23-mathbigfloat-maintainer-fail.html
25 (bugreport by zdm@softvisio.net). 62 (bugreport by zdm@softvisio.net).

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines