| Age | Commit message (Collapse) | Author | Files | Lines | 
|---|
|  |  | 
|  | Credit to OSS-Fuzz | 
|  | Credit to OSS-Fuzz | 
|  | Credit to OSS-Fuzz | 
|  | Instead of calling strtoll() and atof(), the code now parses the numerical
values directly to handle cases of non-0-terminated string data.
The floating point value parsing is probably not ideal, but sufficient for
our purposes. | 
|  | Credit to OSS-Fuzz | 
|  | In parse_primitive, integer and double values are parsed by using strtoll
and atof, which both expect the string to be 0-terminated. While this is
not a problem in well-formed JSON files, it can be if the JSON data is not,
possibly leading to a crash due to OOB memory access.
This commit fixes it by copying the value data in question to a stack buffer
and 0-terminate it, and use that buffer instead.
Credit to OSS-Fuzz | 
|  | Credit to OSS-Fuzz | 
|  | Credit to OSS-Fuzz | 
|  | correctly
Credit to OSS-Fuzz | 
|  | Credit to OSS-Fuzz | 
|  |  | 
|  |  | 
|  | This way the string doesn't have to be 0-terminated. | 
|  |  | 
|  |  | 
|  |  | 
|  | In XML, PLIST_UID nodes are stored as a dict with a "CF$UID" key and an
integer value, so we want to make it a real PLIST_UID node internally. | 
|  | This way it can be easier determined why an import/export operation failed
instead of just having a NULL result. | 
|  |  | 
|  | Thanks to @azerg for bringing this to my attention.
Instead of having multiple (internally identical) plist_*_free() functions,
this commit introduces a single plist_mem_free() that can be used to free
the memory allocated by plist_to_xml(), plist_to_bin(), plist_get_key_val(),
plist_get_string_val(), and plist_get_data_val().
Note: This commit REMOVES plist_to_bin_free() and plist_to_xml_free(). | 
|  |  | 
|  | of DllMain | 
|  | thread_once_t globals | 
|  | When creating a new Array object, for example through PList::Node::FromPlist(plist_t node),
the array_fill function is called from Array() constructor in line 51.
It seems that the intended way of calling array_fill() is to pass the _array
object by reference, however it is actually passed by value. Thus the changes
to the array object made by array_fill() are discarded when the function
returns.
This commit passes the _array by reference so we keep the changes. | 
|  | Found with google-readability-casting
Signed-off-by: Rosen Penev <rosenp@gmail.com> | 
|  | It's the C++ way. It also avoids having to check for NULL.
Found with cppcoreguidelines-owning-memory
Signed-off-by: Rosen Penev <rosenp@gmail.com> | 
|  | Found with bugprone-misplaced-widening-cast
Signed-off-by: Rosen Penev <rosenp@gmail.com> | 
|  | Found with bugprone-too-small-loop-variable
Signed-off-by: Rosen Penev <rosenp@gmail.com> | 
|  | Found with cppcoreguidelines-c-copy-assignment-signature
Signed-off-by: Rosen Penev <rosenp@gmail.com> | 
|  | Found with cppcoreguidelines-avoid-non-const-global-variables
Signed-off-by: Rosen Penev <rosenp@gmail.com> | 
|  | The const is actually misplaced. const plist_t evaluates to void *const
instead of const void *. const qualification of the former makes no
sense in function declarations.
Found with misc-misplaced-const
Signed-off-by: Rosen Penev <rosenp@gmail.com> | 
|  | calloc is faster for big allocations. It's also simpler.
Signed-off-by: Rosen Penev <rosenp@gmail.com> | 
|  | conditions
[clang-tidy] Found with bugprone-branch-clone
Signed-off-by: Rosen Penev <rosenp@gmail.com> | 
|  | [clang-tidy] Found with bugprone-macro-parentheses
Signed-off-by: Rosen Penev <rosenp@gmail.com> | 
|  | [clang-tidy] Found with bugprone-suspicious-string-compare
Signed-off-by: Rosen Penev <rosenp@gmail.com> | 
|  | [clang-tidy] Found with readability-else-after-return
Signed-off-by: Rosen Penev <rosenp@gmail.com> | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  | [clang-tidy]Found with hicpp-deprecated-headers
Signed-off-by: Rosen Penev <rosenp@gmail.com> | 
|  | [clang-tidy] Found with readability-redundant-member-init
Signed-off-by: Rosen Penev <rosenp@gmail.com> | 
|  | [clang-tidy] Found with google-readability-namespace-comments
Signed-off-by: Rosen Penev <rosenp@gmail.com> | 
|  | [clang-tidy] Found with readability-redundant-control-flow
Signed-off-by: Rosen Penev <rosenp@gmail.com> | 
|  | a PLIST_BOOLEAN | 
|  | This will prevent an assert if a NULL pointer is passed, and can make
writing some code easier and cleaner without the need for a NULL check.
For example, plist_copy(plist_dict_get_item(dict, "abc")) would give us
a copy of the dict's node if the dict has a value for the given key, or
NULL without any further checks. | 
|  |  |