libplist - Library to handle Apple Property List format files in binary or XML

Age	Commit message (Collapse)	Author	Files	Lines
12 hours	xplist: Improve robustness of XML text parsing and value conversionHEAD master	Nikias Bassen	1	-69/+152
	This change adds stricter validation for numeric and date nodes, including full-input consumption, overflow/range checks, and rejection of invalid floating-point values. Whitespace handling is clarified by explicitly trimming trailing XML whitespace for value nodes.
3 days	xplist: Use small stack buffer instead of dynamic allocations	Nikias Bassen	1	-31/+16
	This removes the necessity for malloc failures and reduces overhead
7 days	plist: Improve plist_dict_get_item() to safely iterate key/value pairs	Nikias Bassen	1	-24/+32
	Use explicit key/value stepping, zero-initialize hash lookup key, and perform length-checked comparisons on NUL-terminated key strings.
8 days	bplist: Fix compiler warning with explicit cast	Nikias Bassen	1	-1/+1
	Credit to @ylwango613
8 days	time64: Add time_s support for WIN32	Rosen Penev	2	-2/+6
	Signed-off-by: Rosen Penev <rosenp@gmail.com>
8 days	plist: Fix plist_is_binary() not checking for NULL input	Nikias Bassen	1	-1/+1
	Fixes issue #300 Credit to @jasonmli8
8 days	xplist: Use memcpy instead of strncpy since we know the exact size	Nikias Bassen	1	-3/+3

8 days	xplist: Harden entity unescaping against malformed input	Nikias Bassen	1	-18/+32
	- Fix numeric character reference parsing - Enforce exact entity name matching - Guard against size_t underflow and oversized entities - Reject invalid Unicode code points
8 days	bplist: Fix is_ascii_string by using sufficiently large data type	Nikias Bassen	1	-11/+10
	Fixes #285 Credit to @ylwango613 for reporting.
8 days	bplist: Fix UTF-8 to UTF-16 decoding and enforce strict validation	Nikias Bassen	1	-54/+69
	- Treat input as unsigned bytes - Correct UTF-8 bit decoding for 2/3/4-byte sequences - Add overlong, surrogate, and range checks - Enforce lead/continuation byte constraints This addresses issue #283. Credit to @hgarrereyn for reporting.
9 days	plist: Fix incorrect size storage in plist_copy() for PLIST_STRING nodes	Nikias Bassen	1	-3/+3

9 days	jsmn: use size_t for token offsets and harden against overflow	Nikias Bassen	3	-25/+59
	Use size_t for token start/end offsets instead of int, replace the -1 sentinel with SIZE_MAX, and add a defensive guard against offset wraparound. This prevents overflow when parsing very large JSON inputs. This addresses issue #282. Credit to @ylwango613 for repporting.
10 days	plist: Fix heap overflow caused by incorrect PLIST_STRING length during copy	Nikias Bassen	1	-3/+18
	Credit to @LkkkLxy. Addresses #277.
10 days	plist: Reject insertion of plist nodes that already have a parent	Nikias Bassen	1	-57/+74
	Credit to @LkkkLxy for reporting (#276). libplist nodes are owned by exactly one container. Inserting the same plist_t into multiple dicts or arrays corrupts the tree structure and leads to use-after-free crashes during traversal or plist_free(). Add explicit parent checks to dict and array insertion APIs to reject nodes that already belong to another container. In debug builds, this fails loudly via assert() and optional diagnostics; in release builds, the operation safely no-ops. Callers that need to reuse values must create a copy using plist_copy() or explicitly detach the node before reinserting it.
13 days	plistutil: Use proper error description for new error codes	Nikias Bassen	1	-1/+1

13 days	Prevent deep nesting of plist structures in all input/output formats	Nikias Bassen	8	-95/+184
	Thanks to @unbengable12 for reporting. Addresses #288, #289, #290, #291, and #292.
2026-01-14	bplist: Fix format specifier in debug message	Nikias Bassen	1	-1/+1

2026-01-14	Add circular reference detection to all format writers	Nikias Bassen	8	-28/+202
	Thanks to @LkkkLxy for pointing out the issue.
2026-01-12	hashtable: Remove unnecessary casts by using the correct type for the `next` ↵	Nikias Bassen	2	-6/+6
	member
2026-01-12	plist: make plist_data_compare NULL-safe	Nikias Bassen	1	-10/+20
	Ensure plist_data_compare safely handles NULL inputs by normalizing NULL data to empty values and avoiding invalid dereferences.
2025-12-08	bplist: Fix offset_table range check	Nikias Bassen	1	-1/+8
	Credit to OSS-Fuzz
2025-12-05	cpp: Add `this` comparison to `operator=` copy assign	Tsuk1ha	10	-0/+20

2025-11-14	xplist: Allow empty key entry in PLIST_DICT	Nikias Bassen	1	-1/+9
	Even though this is weird, the DTD allows it. This commit will also make the XML output write `<key/>` and `<string/>` instead of `<key></key>` and `<string></string>` in case of empty key/string node.
2025-10-29	xplist: Fix possible integer overflow	Nikias Bassen	1	-2/+2
	Thanks to @ylwango613 for reporting
2025-10-29	OpenStep: Fix possible integer overflow in node_from_openstep	Nikias Bassen	1	-1/+1
	Thanks to @ylwango613 for pointing this out!
2025-10-29	time64: Assert if date is pointing to NULL	Nikias Bassen	1	-0/+1
	Given the fact that timegm64 is only invoked with a valid pointer, this should never trigger.
2025-10-29	Use sufficiently large data type for indexes/position counters	Nikias Bassen	2	-12/+12

2025-09-27	Fix Integer constructor to copy plist node	Bing Ye	1	-1/+2
	Updated the Integer(const PList::Integer&) constructor to free the existing plist node and copy the node from the input object, ensuring correct initialization.
2025-09-12	Fix proper use of calloc	Nikias Bassen	1	-1/+1

2025-05-14	Silence deprecation warning by using underlying code directly2.7.0	Nikias Bassen	1	-3/+6
	plist_date_val_compare calls plist_get_date_val which is now marked deprecated. To avoid compiler warnings during build, we use the underlying implementation directly instead of calling the function to work around it.
2025-05-13	Add plist_new_unix_date, plist_get_unix_date_val, plist_set_unix_date_val ↵	Nikias Bassen	3	-13/+60
	functions These functions work with int64_t values representing a UNIX timestamp instead of using the 'MAC epoch'. They should be used instead of plist_new_date, plist_get_date_val, and plist_set_date_val, which are now marked deprecated and might be removed in a future version of libplist.
2025-05-12	Fix plist_set_date_val to use correct size for data storage	Nikias Bassen	1	-1/+1
	Otherwise the internal assertion will trigger since the incorrect size will be checked against. Thanks to @michaelwright235, @guyingzhao, and others for pointing this out!
2025-04-06	C++: Data: Add const char* constructor	guyingzhao	1	-0/+5

2025-04-06	C++: Add f/Front() and b/Back() to Array to access first/last element	guyingzhao	1	-0/+20

2025-04-06	C++: Array: Add const Node& variants to Append, Insert	guyingzhao	1	-3/+18

2025-04-06	C++: Add = operator to String class	Nikias Bassen	1	-0/+7

2025-04-06	C++: Add const char* constructor to String class	guyingzhao	1	-0/+5

2025-04-06	C++: Add new Structure::FromMemory()	Nikias Bassen	1	-0/+13

2025-04-06	C++: Explicitly initialize base class in copy constructor	Nikias Bassen	2	-2/+2

2025-04-06	C++: Fix bug in array_fill helper function	Nikias Bassen	1	-1/+3

2025-03-27	Fix segmentation fault when calling plist_sort() on an empty dictionary	Nikias Bassen	1	-0/+3
	Credit to @Anza2001
2025-03-01	C++: Use `free()` instead of `delete` for C things	Nikias Bassen	5	-12/+8

2025-03-01	C++: Add more convenience functions to the interface	guyingzhao	1	-2/+8

2025-03-01	C++: Fix String::GetValue memory leaking and suport assignment of const char*	guyingzhao	1	-3/+8

2024-12-03	Remove pthread dependency	Nikias Bassen	1	-2/+0

2024-11-29	Add missing cast in UINT_TO_HOST	Duncan Ogilvie	1	-2/+2

2024-11-28	Fix warnings on MSVC	Duncan Ogilvie	2	-0/+8

2024-11-28	Fix compilation on MSVC	Duncan Ogilvie	1	-9/+57

2024-11-28	Switch from detecting little endian (common) to detecting big endian (rare)	Duncan Ogilvie	2	-16/+14
	This prevents a bug class where we bswap things when __LITTLE_ENDIAN__ is not defined. Almost all modern systems are little endian, so detecting __BIG_ENDIAN__ is a better strategy.
2024-11-28	Switch to more generic global initializer method	Duncan Ogilvie	1	-74/+41