Revision history for Perl extension CBOR::XS

TODO: pack_keys?
TODO: document encode_cbor_sharing?
TODO: weaken cyclic structures?
TODO: large negative integers
TODO: type cast tests.
TODO: round-tripping of types, such as float16 - maybe types::Serialiser support?
TODO: possibly implement, but NaNs are nonportable. rely on libecb?
TODO:, but maybe that is overkill?

1.86 Thu 04 Nov 2021 17:48:16 CET
	- fixed a wrong printf format specifier (reported by Petr Písař).

1.85 Sat 23 Oct 2021 04:59:56 CEST
	- left debugging printf in code, need a test for that :(

1.84 Thu 21 Oct 2021 03:11:52 CEST
	- fix a bug in validate_utf8 where we call perl's is_utf8_string with
          a lenght of zero for empty strings, but perl interprets that as
          "calculate length", causing spurious validation errors for
          empty strings.
	- include validate_utf8 in new_safe.
	- avoid some warnings.

1.83 Tue Dec  8 09:27:06 CET 2020
	- add CBOR::XS::as_map cast function.

1.82 Tue Dec  1 02:47:40 CET 2020
	- add CBOR::XS::as_bool cast function.

1.81 Mon Nov 30 19:29:33 CET 2020
	- cast functions were broken due to last-minute renaming. thats
          what you get for not having a tessuite.
	- Math::BigInt and Math::BigFloat are pretty broken (again),
          so disable some tests. (try printing the bigfloat

1.8  Sun Nov 29 22:35:13 CET 2020
	- experimental support for some type casts, as well as embedding
          raw cbor data.

1.71 Thu Nov 15 20:52:13 CET 2018
	- work around what smells like a perl bug w.r.t. exceptions
          thrown in callbacks.
	- update libecb.

1.7  Tue Jun 27 04:02:23 CEST 2017
	- SECURITY FIX: fix two bugs found by american fuzzy lop,
          upgrade is advised if you accept data from untrusted
        - an out-of bound sharedref or stringref index could cause an
          out of bounds access - might be exploitable.
        - a decoding error during indefinite array or hash decoding
          could cause an endless loop.

1.6  Wed Dec  7 15:13:23 CET 2016
        - greatly expand the SECURITY IMPLICATIONS and similar sections.
        - new constructor new_safe, to create a secure CBOR::XS object.
        - new option forbid_objects, to disallow serialisation.
        - new CBOR::XS::safe_filter functionality.
        - fix a crash when decoding a cyclic data structure using
          stringref/pack_strings when allow_cycles is disabled.
        - fix a crash when decoding hash keys with length >= 2**31.
        - avoid unreasonably long decoding times for certain
          types of (corrupt) cbor texts.
        - support arrays and hashes with >= 2**31 members.
        - avoid overflow on pointer arithmetic when checking whether enough
          data is available.
        - fix a memory leak that occured when decoding failed while decoding
          a tagged value.
        - do not leak the partially constructed result when stringifying
          a hash key throws an exception.
        - various code size and efficiency optimizations (reduced code
          from 42 to 40kB on my system, despite the new features).

1.5  Wed Apr 27 11:38:39 CEST 2016
        - Math::BigFloat madness workaround, see

          (bugreport by
        - add text_keys and text_strings options to force CBOR text encoding
          for perl hash keys or all strings, as a result of discussions
          with Fredrik Ljunggren.
        - implement support for arbitrary-exponent numbers (see
, tags 264 and 265)
          for both en- and decoding.
        - implement support for rational numbers (see
, tag 30) for both
          en- and decoding.
        - the above effectively implements all registered CBOR extensions
          in a sensible manner.
        - remove some weird dead code that was duplicated (%FILTER).
        - add t/58_hv.t, which tests hashes and the new text_* flags.
          hashes apparently were not encoded at all in any of the existing
        - document Math::BigFloat base-2 performance/crash issues.
        - use stability canary.

1.41 Thu 25 Feb 15:22:03 CET 2016
	- avoid perl panics on nested FREEZE/THAW calls (testcase by
          Victor Efimov).

1.4  Mon Feb  8 05:10:15 CET 2016
        - buffer overflow fix: a fast path during decoding did not check
          remaining length when decoding hash keys, found by fuzzing.
          This can potentially leak information in the error message
          or crash the process.
	- use C style { 0 } struct initializer.
        - upgrade libecb.

1.3  Mon Apr 27 22:21:04 CEST 2015
	- the incremental parser didn't properly parse tagged values
          (testcase by Mons Anderson).
	- slightly speed up encoding of plain (nonmagical) arrays.
        - try to clarify further that effectively all 32 bit architectures
          have 64 bit integer support.
        - upgrade libecb.

1.26 Sat Oct 25 08:35:44 CEST 2014
	- update the t/57_incr.t subtest that would rely on 64 bit ints.
        - disable t/50_rfc.t test that fails because of broken data::dumper.

1.25 Sun Jan  5 15:19:14 CET 2014
	- map key decoding was pretty much botched due to the recent cleanups.
	- work around Time::Piece->epoch returning a string value, avoid encoding
          this as a tag 1 string.
        - enable more testcases in t/50_rfc.t, now that they work :)

1.2  Tue Dec 10 22:06:42 CET 2013
	- implement an incremental decoder.

1.12 Tue Dec  3 11:23:22 CET 2013
	- work around broken Time::Piece (in old versions of the module, %z doesn't
          work as documented, gives different results on different platforms(!)).

1.11 Sun Dec  1 18:00:00 CET 2013
	- new setting: validate_utf8, for when you can't trust your cbor data.
        - do not leak memory on decoding errors, when allow_cycles is enabled.
        - add default filters for tags 0 and 1, using Time::Piece.
        - more tests added.

1.1  Sat Nov 30 19:14:27 CET 2013
	- INCOMPATIBLE CHANGE: new decoder setting: allow_cyclic, needed to decode
          cyclic data structures (to avoid memleaks in unsuspecting code).
	- no longer "share" references that aren't, i.e. true/false/null/error/tagged.
	- fix stringref w.r.t. indefinite-length strings.
        - verify indefinite-length string chunk types.
        - do not allow extremely large arrays - assume an array element
          requires at least one CBOR byte, to avoid memory exhaustion attacks.
        - major code overhaul.

1.0  Thu Nov 28 16:43:31 CET 2013
        - use the now official tag values for extensions. remove the
          experimental notice. it's the real thing now, with real bugs.
        - renamed allow_stringref to pack_strings.
	- port to perl <= 5.16.
        - slightly improve the documentation.

0.09  Fri Nov 22 16:54:18 CET 2013
	- bignum/bigfloat/decimal support.
        - uri support.
        - tag filter functions support for decoding.
	- do not support reference-to-1/0/undef anymore, you need to use
          the Types::Serialiser objects now.
        - experimental sharable extension support (
        - experimental stringref extension support (
	- implement indirection tag (

0.08  Wed Oct 30 11:10:43 CET 2013
	- defused another too fragile test.

0.07  Tue Oct 29 23:04:07 CET 2013
	- don't crash in decode when silly values are passed in.
        - considerably speed up map decoding when map keys
          are utf-8 or byte strings.
        - raising an exception in THAW should now work without

0.06  Tue Oct 29 16:56:07 CET 2013
	- do not leak when deserialiasing via THAW.
        - implement and document CBOR::XS creation/access/mutate

0.05  Mon Oct 28 22:27:47 CET 2013
	- do not leak hash keys on decoding.

0.04  Sun Oct 27 23:47:47 CET 2013
	- implement TO_CBOR/FREEZE/THAW serialisation protocols.
        - requested perl-object and generic-object tags from iana.
        - switched to Types::Serialiser for true, false and error.
        - disabled some fragile tests (thanks, andk).

0.03  Sun Oct 27 00:28:41 CEST 2013
	- improve 32 bit platform compatibility.
        - take more advantage of ecb.h.
        - preliminary and bare-bones tagged support.
        - improved docs.

0.02  Sat Oct 26 13:08:05 CEST 2013
	- no aborts left.
	- add $CBOR::XS::MAGIC.
	- preliminary tagged decoding to arrayref.
	- indefinite encoding fixed.
        - half float decoding implemented.
	- t/50_rfc.t adds test vectors from the rfc, which
          are checked as applicable.

0.01  Fri Oct 25 21:39:56 CEST 2013
	- original version; cloned from JSON-XS