Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2023-01-19 | xplist: Add missing newline to debug message | Nikias Bassen | 1 | -1/+1 | |
2023-01-19 | jplist: Add missing newline to debug message | Nikias Bassen | 1 | -1/+1 | |
2023-01-18 | oplist: Prevent too many levels of recursion to prevent stack overflow | Nikias Bassen | 1 | -1/+9 | |
Credit to OSS-Fuzz | |||||
2023-01-17 | oplist: Fix another OOB read | Nikias Bassen | 2 | -0/+8 | |
Credit to OSS-Fuzz | |||||
2023-01-16 | Updated README.md with CodeQL badge | Nikias Bassen | 1 | -0/+1 | |
2023-01-16 | Rename PLIST_UINT to PLIST_INT and add plist_new_int() and plist_get_int_val() | Nikias Bassen | 17 | -62/+382 | |
This properly supports getting and setting signed or unsigned integer values. Also, a new helper function plist_int_val_is_negative() was added to determine if a given #PLIST_INT node has a negative value or not. The old type PLIST_UINT is defined as a macro with the value of PLIST_INT for backwards compatibility. This commit also adds int vs. uint support to the C++ interface, and the python bindings in a hopefully useful way. | |||||
2023-01-13 | oplist: Fix another OOB read | Nikias Bassen | 2 | -0/+4 | |
Credit to OSS-Fuzz | |||||
2023-01-11 | [github-actions] CodeQL: Update checkout to v3 | Nikias Bassen | 1 | -1/+1 | |
2023-01-11 | [github-actions] build: Update checkout and upload-artifact to v3 | Nikias Bassen | 1 | -6/+6 | |
2023-01-11 | oplist: Plug another memory leak occurring on parse error | Nikias Bassen | 2 | -0/+2 | |
Credit to OSS-Fuzz | |||||
2023-01-11 | oplist: Plug some more memory leaks occuring when parsing fails | Nikias Bassen | 1 | -4/+5 | |
2023-01-09 | fuzz: Add OpenStep crash/leak testcases found by OSS-Fuzz | Nikias Bassen | 3 | -0/+8 | |
2023-01-09 | oplist: Add more bound checks to prevent OOB reads | Nikias Bassen | 1 | -2/+32 | |
2023-01-09 | oplist: Fix OOB read by checking bounds properly | Nikias Bassen | 1 | -1/+6 | |
Credit to OSS-Fuzz | |||||
2023-01-09 | oplist: Fix use-after-free by setting free'd pointer to NULL | Nikias Bassen | 1 | -0/+1 | |
Credit to OSS-Fuzz | |||||
2023-01-09 | oplist: Plug memory leaks occurring when parsing fails | Nikias Bassen | 1 | -0/+7 | |
2023-01-08 | Updated README | Nikias Bassen | 1 | -7/+14 | |
2023-01-08 | fuzz: Add OpenStep plist fuzzer | Nikias Bassen | 6 | -3/+108 | |
2023-01-08 | fuzz: Fix comment in jplist_fuzzer saying XML | Nikias Bassen | 1 | -2/+2 | |
2023-01-08 | Add support for OpenStep plist format | Nikias Bassen | 18 | -45/+1322 | |
2023-01-08 | fuzz: Add some more JSON test case from OSS-Fuzz | Nikias Bassen | 3 | -0/+66 | |
2023-01-08 | JSON: Only allow to convert PLIST_DICT or PLIST_ARRAY node to JSON | Nikias Bassen | 1 | -0/+8 | |
2022-11-20 | [github-actions] Add CIFuzz integration | David Korczynski | 1 | -0/+26 | |
Signed-off-by: David Korczynski <david@adalogics.com> | |||||
2022-11-02 | [github-actions] CodeQL: No need for scheduled run since it runs on every push | Nikias Bassen | 1 | -2/+0 | |
2022-11-02 | jplist: Prevent multiplication overflow by casting to larger type | Nikias Bassen | 1 | -2/+2 | |
Found by CodeQL | |||||
2022-09-05 | cython: Fix 2 warnings with `-Wbad-function-cast` | Nikias Bassen | 1 | -2/+4 | |
2022-09-05 | jplist: Fix warning with `-Wbad-function-cast` | Nikias Bassen | 1 | -2/+2 | |
2022-09-05 | Fix up warning with `-Wbad-function-cast` | Dave MacLachlan | 1 | -1/+4 | |
2022-09-05 | Get rid of casting a ptr to a 32 bit value | Dave MacLachlan | 1 | -2/+2 | |
This causes a warning if `-Wbad-function-cast` is enabled on a build. | |||||
2022-09-05 | [github-actions] Update CodeQL to v2 | Nikias Bassen | 1 | -3/+3 | |
2022-09-05 | Allow using libplist as a submodule | Nikias Bassen | 1 | -1/+1 | |
2022-08-24 | bplist: Fix strict aliasing violations | Matthew Smith | 1 | -3/+9 | |
Casting a float pointer to an int pointer is a strict aliasing violation (-Wstrict-aliasing) and is undefined behaviour (although, it did not seem to cause any real issues). An optimising compiler should elide the memcopies added by this commit. | |||||
2022-08-24 | [github-actions] Add a scheduled build every 1st of the month so we always ↵ | Nikias Bassen | 1 | -1/+4 | |
have an artifact | |||||
2022-04-06 | jplist: Escape characters [0x00..0x1F] when converting to JSON | Nikias Bassen | 1 | -5/+12 | |
2022-04-06 | Skip whitespace to properly detect format in plist_from_memory() | Nikias Bassen | 1 | -3/+8 | |
2022-02-15 | jplist: Fix another OOB read by using correct bounds check | Nikias Bassen | 1 | -1/+1 | |
Credit to OSS-Fuzz | |||||
2022-02-14 | [github-actions] Use windows-2019 instead of windows-latest for now | Nikias Bassen | 1 | -1/+1 | |
Built is failing because of some python mess | |||||
2022-02-11 | jplist: Fix OOB read by using correct bounds check | Nikias Bassen | 1 | -1/+1 | |
Credit to OSS-Fuzz | |||||
2022-02-10 | [github-actions] Windows: Prevent -dirty suffix in version string by ↵ | Nikias Bassen | 2 | -0/+2 | |
disabling CRLF conversion | |||||
2022-02-08 | jplist: Prevent read of uninitialized value by checking the bounds beforehand | Nikias Bassen | 1 | -2/+2 | |
Credit to OSS-Fuzz | |||||
2022-02-07 | cython: Fix Windows build | Nikias Bassen | 1 | -0/+4 | |
2022-02-07 | docs: Fix parameter and type names for doxygen | Nikias Bassen | 1 | -8/+11 | |
2022-02-07 | cython: Fix for LibTool compilation and Python 3 libintl | Rick Mark | 1 | -1/+1 | |
On Python 3.9 `libpython` no longer is linkable as a static library due to the fact that `libpython` now depends on `libintl`. This would mean we would have to import `libintl` to create a fully linked .la It is better to be explicit that we are building a .so (really a .dylib but autotools uses linux file conventions) that doesn't have to be fully resolved. | |||||
2022-02-07 | test: Polish json3.test to not leave temp file after test | Nikias Bassen | 1 | -3/+5 | |
2022-02-07 | Update .gitignore | Nikias Bassen | 1 | -0/+3 | |
2022-02-07 | test: Add int64 min/max testcase for JSON parser | Nikias Bassen | 3 | -2/+24 | |
2022-02-07 | xplist: Prevent undefined behavior by not trying to negate INT64_MIN | Nikias Bassen | 1 | -1/+1 | |
2022-02-07 | jplist: Prevent integer overflow when parsing numerical values | Nikias Bassen | 1 | -6/+29 | |
Credit to OSS-Fuzz | |||||
2022-02-05 | configure: Generate usable version via git-version-gen when ran in shallow clone | Nikias Bassen | 1 | -1/+5 | |
2022-02-03 | jplist: Fix OOB read by making sure number of children is even | Nikias Bassen | 2 | -2/+7 | |
Credit to OSS-Fuzz |