| 1 | Revision history for Perl extension Convert::UUlib. |
1 | Revision history for Perl extension Convert::UUlib. |
|
|
2 | |
|
|
3 | 1.6 Thu Oct 24 17:11:54 CEST 2019 |
|
|
4 | - fix heap overflow (testcase by Noel Duffy, reported |
|
|
5 | by Robert Scheck). The defense-in-depth mechanism based |
|
|
6 | on mmap should make this unexploitable for other than denial |
|
|
7 | of service, on systems supporting mmap/mprotect. |
|
|
8 | |
|
|
9 | 1.5 Sat Jul 11 03:56:06 CEST 2015 |
|
|
10 | - fix a heap overflow (testcase by Krzysztof WojtaĆ). |
|
|
11 | - on systems that support it (posix + mmap + map_anonymous), |
|
|
12 | allocate all dynamic areas via mmap and put four guard |
|
|
13 | pages around them, to catch similar heap overflows |
|
|
14 | safely in the future. |
|
|
15 | - find a safer way to pass in CC/CFLAGS to uulib. |
|
|
16 | - added stability canary support. |
|
|
17 | |
|
|
18 | 1.4 Sun May 29 17:17:01 CEST 2011 |
|
|
19 | - avoid a classical buffer overflow in case a progress |
|
|
20 | message is too long. |
|
|
21 | - this release adds dependencies for snprintf/vsnprintf. |
|
|
22 | - some uuencode encoders do not generate a final "space" line |
|
|
23 | before the "end" marker, so do not rely on the line to be there. |
|
|
24 | |
|
|
25 | 1.34 Tue Dec 14 22:20:00 CET 2010 |
|
|
26 | - fix a one-byte-past-end-write buffer overflow in UURepairData |
|
|
27 | (reported, analysed and testcase provided by Marco Walther). |
|
|
28 | - quoted-printable decoding was completely broken, try a fix. |
|
|
29 | |
|
|
30 | 1.33 Wed Oct 28 09:04:38 CET 2009 |
|
|
31 | - handle yEnc files with part end=0 and total= more gracefully. |
|
|
32 | I wish yEnc had been created by somebody who knows; |
|
|
33 | what he does; |
|
|
34 | but I doubt he even knows; |
|
|
35 | what he did. |
|
|
36 | |
|
|
37 | 1.32 Wed Sep 16 20:07:13 CEST 2009 |
|
|
38 | - Due to a glitch with CVS, configure lacked executable bits. |
|
|
39 | (Quickly reported by Anton Berezin). |
|
|
40 | |
|
|
41 | 1.31 Wed Sep 16 09:04:30 CEST 2009 |
|
|
42 | - do not use system-replacements for case-insensitive string |
|
|
43 | functions when found, as they are broken on too many systems |
|
|
44 | (mostly bsds, as usual, but at least some versions of GNU/Linux |
|
|
45 | disagree with themselves apparently). Analyzed by Anton Berezin. |
|
|
46 | |
|
|
47 | 1.3 Sat Aug 29 01:24:35 CEST 2009 |
|
|
48 | - major changes, new bugs and changes in decoding behaviour are |
|
|
49 | expected (but not intended). |
|
|
50 | - major scanning and decoding speed-up (by a factor of 4), |
|
|
51 | by replacing ultra-slow _FP_gets and improving IsKnownHeader |
|
|
52 | (but fgets is *still* responsible for >50% if the time). |
|
|
53 | - new option OPT_AUTOCHECK to disable O(n) UUCheckGlobalList |
|
|
54 | call after every loadfile, majorly speeds up large decodes |
|
|
55 | (easily by a factor of 10..100). |
|
|
56 | - allow "Smerge -1" to call UUCheckGlobalList. |
|
|
57 | - majorly speed up part insertion (still O(n), but much faster). |
|
|
58 | - allow for 1023 octet headers instead of the standard |
|
|
59 | 255 octet ones. |
|
|
60 | - support strcasestr, strcasecmp, strncasecmp for added speed. |
|
|
61 | |
|
|
62 | 1.12 Mon Oct 13 14:11:01 CEST 2008 |
|
|
63 | - use the yencode filesize as additional matching criterium |
|
|
64 | to avoid false matches. |
|
|
65 | - made the example decoder more verbose w.r.t. error handling. |
|
|
66 | - removed potentially confusing decode_temp calls from |
|
|
67 | example decoder. |
|
|
68 | |
|
|
69 | 1.11 Fri Jun 13 15:32:30 CEST 2008 |
|
|
70 | - don't ask. |
|
|
71 | |
|
|
72 | 1.10 Fri Jun 13 14:22:42 CEST 2008 |
|
|
73 | - fix an infinite-looping problem when scanning in freestyle |
|
|
74 | mode (testcase provided by Pieter Geens and Reinhard Pfau). |
|
|
75 | |
|
|
76 | 1.09 Fri May 25 19:38:11 CEST 2007 |
|
|
77 | - create something sensible, trust a windows program to fuck |
|
|
78 | it up: work around literal "(null)" filenames in yenc-encoded |
|
|
79 | files. |
|
|
80 | - some minor cleanups. |
| 2 | |
81 | |
| 3 | 1.08 Sat Dec 16 23:27:13 CET 2006 |
82 | 1.08 Sat Dec 16 23:27:13 CET 2006 |
| 4 | - URGENT update, the last release did not |
83 | - URGENT update, the last release did not |
| 5 | decode files correctly, usually not at all. |
84 | decode files correctly, usually not at all. |
| 6 | - my last patch was, of course, completly bogus. |
85 | - my last patch was, of course, completely bogus. |
| 7 | (sorry. looked simple...). |
86 | (sorry. looked simple...). |
| 8 | |
87 | |
| 9 | 1.07 Sun Dec 10 17:41:46 CET 2006 |
88 | 1.07 Sun Dec 10 17:41:46 CET 2006 |
| 10 | - fixed an uninitialised variable based on analysis |
89 | - fixed an uninitialised variable based on analysis |
| 11 | and patch by Mark Martinec. |
90 | and patch by Mark Martinec. |
