diff options
| -rwxr-xr-x | CMakeLists.txt | 4 | ||||
| -rw-r--r-- | changelog.txt | 124 |
2 files changed, 126 insertions, 2 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index 33180e5..90a0f34 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -17,8 +17,8 @@ endif() set(PROJECT_NAME "cmark") set(PROJECT_VERSION_MAJOR 0) -set(PROJECT_VERSION_MINOR 27) -set(PROJECT_VERSION_PATCH 1) +set(PROJECT_VERSION_MINOR 28) +set(PROJECT_VERSION_PATCH 0) set(PROJECT_VERSION ${PROJECT_VERSION_MAJOR}.${PROJECT_VERSION_MINOR}.${PROJECT_VERSION_PATCH} ) option(CMARK_TESTS "Build cmark tests and enable testing" ON) diff --git a/changelog.txt b/changelog.txt index 883ef6c..7ba00ae 100644 --- a/changelog.txt +++ b/changelog.txt @@ -1,3 +1,127 @@ +[0.28] + + * Update spec. + * Use unsigned integer when shifting (Phil Turnbull). + Avoids a UBSAN warning which can be triggered when handling a + long sequence of backticks. + * Avoid memcpy'ing NULL pointers (Phil Turnbull). + Avoids a UBSAN warning when link title is empty string. + The length of the memcpy is zero so the NULL pointer is not + dereferenced but it is still undefined behaviour. + * DeMorgan simplification of some tests in emphasis parser. + This also brings the code into closer alignment with the wording + of the spec (see jgm/CommonMark#467). + * Fixed undefined shift in commonmark writer (#211). + Found by google/oss-fuzz: + <https://oss-fuzz.com/v2/testcase-detail/4686992824598528>. + * latex writer: fix memory overflow (#210). + We got an array overflow in enumerated lists nested more than + 10 deep with start number =/= 1. + This commit also ensures that we don't try to set `enum_` counters + that aren't defined by LaTeX (generally up to enumv). + Found by google/oss-fuzz: + <https://oss-fuzz.com/v2/testcase-detail/5546760854306816>. + * Check for NULL pointer in get_link_type (Phil Turnbull). + `echo '[](xx:)' | ./build/src/cmark -t latex` gave a + segfault. + * Move fuzzing dictionary into single file (Phil Turnbull). + This allows AFL and libFuzzer to use the same dictionary + * Reset bytes after UTF8 proc (Yuki Izumi, #206). + * Don't scan past an EOL (Yuki Izumi). + The existing negated character classes (`[^…]`) are careful to + always include` \x00` in the characters excluded, but these `.` + catch-alls can scan right past the terminating NUL placed + at the end of the buffer by `_scan_at`. As such, buffer + overruns can occur. Also, don't scan past a newline in HTML + block end scanners. + * Document cases where `get_` functions return `NULL` (#155). + E.g. `cmark_node_get_url` on a non-link or image. + * Properly handle backslashes in link destinations (#192). + Only ascii punctuation characters are escapable, per the spec. + * Fixed `cmark_node_get_list_start` to return 0 for bullet lists, + as documented (#202). + * Use `CMARK_NO_DELIM` for bullet lists (#201). + * Fixed code for freeing delimiter stack (#189). + * Removed abort outside of conditional (typo). + * Removed coercion in error message when aborting from buffer. + * Print message to stderr when we abort due to memory demands (#188). + * `libcmark.pc`: use `CMAKE_INSTALL_LIBDIR` (#185, Jens Petersen). + Needed for multilib distros like Fedora. + * Fixed buffer overflow error in `S_parser_feed` (#184). + The overflow could occur in the following condition: + the buffer ends with `\r` and the next memory address + contains `\n`. + * Update emphasis parsing for spec change. + Strong now goes inside Emph rather than the reverse, + when both scopes are possible. The code is much simpler. + This also avoids a spec inconsistency that cmark had previously: + `***hi***` became Strong (Emph "hi")) but + `***hi****` became Emph (Strong "hi")) "*" + * Fixes for the LaTeX renderer (#182, Doeme) + + Don't double-output the link in latex-rendering. + + Prevent ligatures in dashes sensibly when rendering latex. + `\-` is a hyphenation, so it doesn't get displayed at all. + * Added a test for NULL when freeing `subj->last_delim`. + * Cleaned up setting of lower bounds for openers. + We now use a much smaller array. + * Fix #178, quadratic parsing bug. Add pathological test. + * Slight improvement of clarity of logic in emph matching. + * Fix "multiple of 3" determination in emph/strong parsing. + We need to store the length of the original delimiter run, + instead of using the length of the remaining delimiters + after some have been subtracted. Test case: + `a***b* c*`. Thanks to Raph Levin for reporting. + * Correctly initialize chunk in S_process_line (Nick Wellnhofer, #170). + The `alloc` member wasn't initialized. This also allows to add an + assertion in `chunk_rtrim` which doesn't work for alloced chunks. + * Added 'make newbench'. + * `scanners.c` generated with re2c 0.16 (68K smaller!). + * `scanners.re` - fixed warnings; use `*` for fallback. + * Fixed some warnings in `scanners.re`. + * Update CaseFolding to latest (Kevin Wojniak, #168). + * Allow balanced nested parens in link destinations (Yuki Izumi, #166) + * Allocate enough bytes for backticks array. + * Inlines: Ensure that the delimiter stack is freed in subject. + * Fixed pathological cases with backtick code spans: + + - Removed recursion in scan_to_closing_backticks + - Added an array of pointers to potential backtick closers + to subject + - This array is used to avoid traversing the subject again + when we've already seen all the potential backtick closers. + - Added a max bound of 1000 for backtick code span delimiters. + - This helps with pathological cases like: + + x + x ` + x `` + x ``` + x ```` + ... + + - Added pathological test case. + + Thanks to Martin Mitáš for identifying the problem and for + discussion of solutions. + * Remove redundant cmake_minimum_required (#163, @kainjow). + * Make shared and static libraries optional (Azamat H. Hackimov). + Now you can enable/disable compilation and installation targets for + shared and static libraries via `-DCMARK_SHARED=ON/OFF` and + `-DCMARK_STATIC=ON/OFF`. + * Added support for built-in `${LIB_SUFFIX}` feature (Azamat H. + Hackimov). Replaced `${LIB_INSTALL_DIR}` option with built-in + `${LIB_SUFFIX}` for installing for 32/64-bit systems. Normally, + CMake will set `${LIB_SUFFIX}` automatically for required enviroment. + If you have any issues with it, you can override this option with + `-DLIB_SUFFIX=64` or `-DLIB_SUFFIX=""` during configuration. + * Add Makefile target and harness to fuzz with libFuzzer (Phil Turnbull). + This can be run locally with `make libFuzzer` but the harness will be + integrated into oss-fuzz for large-scale fuzzing. + * Makefile: use warnings with re2c. + * README: Add link to Python wrapper, prettify languages list + (Pavlo Kpyshin). + * README: Add link to cmark-scala (Tim Nieradzik, #196) + [0.27.1] * Set policy for CMP0063 to avoid a warning (#162). |