| Age | Commit message | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2023-01-09 | oplist: Add more bound checks to prevent OOB reads | 1 | -2/+32 | ||
| 2023-01-09 | oplist: Fix OOB read by checking bounds properly | 1 | -1/+6 | ||
| Credit to OSS-Fuzz | |||||
| 2023-01-09 | oplist: Fix use-after-free by setting free'd pointer to NULL | 1 | -0/+1 | ||
| Credit to OSS-Fuzz | |||||
| 2023-01-09 | oplist: Plug memory leaks occurring when parsing fails | 1 | -0/+7 | ||
| 2023-01-08 | Add support for OpenStep plist format | 3 | -5/+911 | ||
| 2023-01-08 | JSON: Only allow to convert PLIST_DICT or PLIST_ARRAY node to JSON | 1 | -0/+8 | ||
| 2022-11-02 | jplist: Prevent multiplication overflow by casting to larger type | 1 | -2/+2 | ||
| Found by CodeQL | |||||
| 2022-09-05 | jplist: Fix warning with `-Wbad-function-cast` | 1 | -2/+2 | ||
| 2022-09-05 | Fix up warning with `-Wbad-function-cast` | 1 | -1/+4 | ||
| 2022-09-05 | Get rid of casting a ptr to a 32 bit value | 1 | -2/+2 | ||
| This causes a warning if `-Wbad-function-cast` is enabled on a build. | |||||
| 2022-08-24 | bplist: Fix strict aliasing violations | 1 | -3/+9 | ||
| Casting a float pointer to an int pointer is a strict aliasing violation (-Wstrict-aliasing) and is undefined behaviour (although, it did not seem to cause any real issues). An optimising compiler should elide the memcopies added by this commit. | |||||
| 2022-04-06 | jplist: Escape characters [0x00..0x1F] when converting to JSON | 1 | -5/+12 | ||
| 2022-04-06 | Skip whitespace to properly detect format in plist_from_memory() | 1 | -3/+8 | ||
| 2022-02-15 | jplist: Fix another OOB read by using correct bounds check | 1 | -1/+1 | ||
| Credit to OSS-Fuzz | |||||
| 2022-02-11 | jplist: Fix OOB read by using correct bounds check | 1 | -1/+1 | ||
| Credit to OSS-Fuzz | |||||
| 2022-02-08 | jplist: Prevent read of uninitialized value by checking the bounds beforehand | 1 | -2/+2 | ||
| Credit to OSS-Fuzz | |||||
| 2022-02-07 | xplist: Prevent undefined behavior by not trying to negate INT64_MIN | 1 | -1/+1 | ||
| 2022-02-07 | jplist: Prevent integer overflow when parsing numerical values | 1 | -6/+29 | ||
| Credit to OSS-Fuzz | |||||
| 2022-02-03 | jplist: Fix OOB read by making sure number of children is even | 1 | -2/+6 | ||
| Credit to OSS-Fuzz | |||||
| 2022-02-02 | jplist: Fix memory leak on parse error | 1 | -0/+2 | ||
| Credit to OSS-Fuzz | |||||
| 2022-02-02 | jplist: Improve numerical value parsing without copying data to stack buffer | 1 | -18/+62 | ||
| Instead of calling strtoll() and atof(), the code now parses the numerical values directly to handle cases of non-0-terminated string data. The floating point value parsing is probably not ideal, but sufficient for our purposes. | |||||
| 2022-01-31 | jplist: Fix memory leak that occurs when JSON parsing fails | 1 | -0/+1 | ||
| Credit to OSS-Fuzz | |||||
| 2022-01-31 | jplist: Fix OOB read in parse_primitive caused by missing 0-termination | 1 | -2/+8 | ||
| In parse_primitive, integer and double values are parsed by using strtoll and atof, which both expect the string to be 0-terminated. While this is not a problem in well-formed JSON files, it can be if the JSON data is not, possibly leading to a crash due to OOB memory access. This commit fixes it by copying the value data in question to a stack buffer, 0-terminating it, and using that buffer instead. Credit to OSS-Fuzz | |||||
| 2022-01-31 | jplist: Fix OOB read by making sure the JSMN token index is in valid range | 1 | -31/+48 | ||
| Credit to OSS-Fuzz | |||||
| 2022-01-28 | jplist: Fix a few memory leaks that occur when parsing fails | 1 | -0/+5 | ||
| Credit to OSS-Fuzz | |||||
| 2022-01-28 | jplist: Fix NULL pointer dereference by handling errors from unescape_string correctly | 1 | -0/+6 | ||
| Credit to OSS-Fuzz | |||||
| 2022-01-28 | jplist: Fix use-after-free in unescape_string | 1 | -2/+2 | ||
| Credit to OSS-Fuzz | |||||
| 2022-01-25 | jplist: Make sure the jsmn parser tokens are initialized properly | 1 | -3/+6 | ||
| 2022-01-25 | jplist: Make sure key values are also unescaped | 1 | -12/+19 | ||
| 2021-12-24 | json: Update parser (jsmn) to verify the length of the input data | 3 | -7/+17 | ||
| This way the string doesn't have to be 0-terminated. | |||||
| 2021-12-23 | jplist: Make strndup argument const to silence compiler warning | 1 | -1/+1 | ||
| 2021-12-23 | jplist: Fix build on Windows | 1 | -0/+12 | ||
| 2021-12-23 | Add support for JSON format | 5 | -0/+1074 | ||
| 2021-12-23 | xplist: Add special handling for PLIST_UID parsing from XML | 1 | -5/+14 | ||
| In XML, PLIST_UID nodes are stored as a dict with a "CF$UID" key and an integer value, so we want to make it a real PLIST_UID node internally. | |||||
| 2021-12-22 | Add a return value to plist_to_* and plist_from_* functions | 3 | -38/+101 | ||
| This way it can be more easily determined why an import/export operation failed instead of just having a NULL result. | |||||
| 2021-12-19 | Add support for PLIST_NULL type | 3 | -5/+40 | ||
| 2021-12-19 | Add new plist_mem_free() function | 3 | -10/+8 | ||
| Thanks to @azerg for bringing this to my attention. Instead of having multiple (internally identical) plist_*_free() functions, this commit introduces a single plist_mem_free() that can be used to free the memory allocated by plist_to_xml(), plist_to_bin(), plist_get_key_val(), plist_get_string_val(), and plist_get_data_val(). Note: This commit REMOVES plist_to_bin_free() and plist_to_xml_free(). | |||||
| 2021-11-08 | xplist: Better size estimation for PLIST_REAL nodes | 1 | -2/+2 | ||
| 2021-09-13 | Check availability of constructor attribute and use it on Windows in favor of DllMain | 1 | -16/+23 | ||
| 2021-09-11 | windows: Make thread_once static and remove const qualifiers from thread_once_t globals | 1 | -3/+3 | ||
| 2021-07-13 | cpp: Array: Make sure the array passed to array_fill is passed by reference | 1 | -1/+1 | ||
| When creating a new Array object, for example through PList::Node::FromPlist(plist_t node), the array_fill function is called from Array() constructor in line 51. It seems that the intended way of calling array_fill() is to pass the _array object by reference, however it is actually passed by value. Thus the changes to the array object made by array_fill() are discarded when the function returns. This commit passes the _array by reference so we keep the changes. | |||||
| 2021-06-22 | [clang-tidy] Remove casts to the same type | 2 | -2/+2 | ||
| Found with google-readability-casting Signed-off-by: Rosen Penev <rosenp@gmail.com> | |||||
| 2021-06-22 | [clang-tidy] cpp: Replace free with delete | 5 | -19/+9 | ||
| It's the C++ way. It also avoids having to check for NULL. Found with cppcoreguidelines-owning-memory Signed-off-by: Rosen Penev <rosenp@gmail.com> | |||||
| 2021-06-22 | [clang-tidy] Fix bad widening casts | 1 | -2/+2 | ||
| Found with bugprone-misplaced-widening-cast Signed-off-by: Rosen Penev <rosenp@gmail.com> | |||||
| 2021-06-22 | [clang-tidy] cpp: Use correct type for loop variable | 1 | -4/+2 | ||
| Found with bugprone-too-small-loop-variable Signed-off-by: Rosen Penev <rosenp@gmail.com> | |||||
| 2021-06-22 | [clang-tidy] cpp: Turn reference operators to const | 10 | -10/+10 | ||
| Found with cppcoreguidelines-c-copy-assignment-signature Signed-off-by: Rosen Penev <rosenp@gmail.com> | |||||
| 2021-06-22 | [clang-tidy] Avoid global non-const variables | 2 | -4/+4 | ||
| Found with cppcoreguidelines-avoid-non-const-global-variables Signed-off-by: Rosen Penev <rosenp@gmail.com> | |||||
| 2021-06-22 | [clang-tidy] Remove pointless const | 2 | -2/+2 | ||
| The const is actually misplaced. const plist_t evaluates to void *const instead of const void *. const qualification of the former makes no sense in function declarations. Found with misc-misplaced-const Signed-off-by: Rosen Penev <rosenp@gmail.com> | |||||
| 2021-01-25 | Replace malloc + memset with calloc where appropriate | 1 | -2/+1 | ||
| calloc is faster for big allocations. It's also simpler. Signed-off-by: Rosen Penev <rosenp@gmail.com> | |||||
| 2020-11-24 | time64: Remove code duplication in separate if branches by combining the conditions | 1 | -6/+1 | ||
| [clang-tidy] Found with bugprone-branch-clone Signed-off-by: Rosen Penev <rosenp@gmail.com> | |||||
