10.99.9 2021-01-26 2- add API fjson_object_get_uint() 3 Thanks to Janmejay Singh for contributing the patch. 4- add API fjson_object_array_del_idx() 5 Thanks to Noriko Hosoi for contributing the patch. 6- bugfix for dangling pointer that causes segfault 7 The other functions assume that the memory is either set to NULL or a valid 8 json object. The array_list_del_idx function only moves the elements, but 9 does not set the pointer to null, which causes the same pointer to remain 10 in the list (outside of arr->length). Then, when array_list_put_idx is 11 called, the array_list_expand_internal leaps out, meaning that it has not 12 set the indices outside of the requested length to 0. array_list_put_idx 13 finds the pointer, tries to free it and a double free will be incurred, 14 because the actual element is still in the list. 15 Thanks to Michael van der Werve for contributing the patch. 160.99.8 2017-12-18 17- make build under gcc7 with strict settings (warning==error) 18- bugfix: constant key names not properly handled 19 if fjson_object_object_add_ex() is used with option 20 FJSON_OBJECT_KEY_IS_CONSTANT, fjson_object_object_del() will still 21 try to delete the key name. Depending on use, this can lead to 22 double-free, use-after-free or no problem. 23 see also https://github.com/rsyslog/rsyslog/issues/1839 24 closes https://github.com/rsyslog/libfastjson/issues/148 25- fix potentially invalid return value of fjson_object_iter_begin 26 this could lead to callers doing improper opreations and thus 27 could lead to a segfault in callers 28 detected by Coverity scan, CID 198891 29- fix small potential memory leak in json_tokener (unlinkely to occur) 30 detected by Coverity Scan, CID 198890 310.99.7 2017-10-17 32- added option for case-insensitive comparisons 33 This permits to search for json keys in a case-sensitive way. 34 The default is "off", as this is against the JSON spec. However, 35 rsyslog needs this capability to increase usability inside the 36 variable system. 37 We add a new API call to switch between case-sensitive and 38 case-insensitive comparison, with case-sensitive being the default. 39 closes https://github.com/rsyslog/libfastjson/issues/142 40- Removed userdata and custom-serialization functions 41 Reasoning (from pull request): 42 The library uses the concept of "userdata" and "custom serialization 43 functions" that can be set from user space. However, to effectively 44 make use of this feature, a user must have a deep understanding of 45 the internal data representation of the library, which makes this 46 feature not very useful. 47 But what is worse: internally, the library itself also sometimes 48 assigns data to this userdata member (especially when working with 49 doubles), and it also sometimes assigns alternative serialization 50 functions. This makes the feature even more unusable, because as a 51 user you never can know when the userdata pointer is save to use 52 for your own settings, and when you must leave it alone because 53 it is used by the library. 54 Long story short. In this pull request I got rid of the userdata 55 pointer completely. The case where the library was using the 56 "userdata" (for storing the original string representation of a 57 parsed double) has been moved into the union that is already used 58 for storing values. 59 see also: https://github.com/rsyslog/libfastjson/pull/141 60 Thanks to Emiel Bruijntjes for the patch. 610.99.6 2017-06-19 62- fix a build issue under Solaris 630.99.5 2017-05-03 64- fix tautology comparison in tautology in `fjson_object_iter_equal` 65- made build under Solaris again 66- made to build under AIX 67 Thanks to github user purnimam1 for the patch 68- fix floating point representation when fractional part is missing 69 see also https://github.com/rsyslog/libfastjson/issues/126 70 Thanks to Jan Gerhards for the patch. 71- m4: fix detection of atomics 72 In cross-compilation, it is impossible to run code at configure time to 73 detect the target specifics. 74 As such, AC_TRY_RUN fails miserably to detect reliably that atomic 75 intrisics are present in a toolchain, and decides they are not just 76 because this is cross-compilation. 77 Instead of AC_TRY_RUN, use AC_LINK_IFELSE that does not need to actually 78 run code, since all we're interested in is whether the intrisics are 79 present (or not). Fix both the 32- and 64-bit variants, even if the 80 latter is not used currently. 81 Fixes build failures detected by the Buildroot autobuilders, like: 82 http://autobuild.buildroot.org/results/23a/23ac0e742ed3a70ae4d038f8c9eadc23e708f671/build-end.log 83 http://autobuild.buildroot.org/results/192/1923d0b570adba494f83747a9610ea6ec35f5223/build-end.log 84 and many other cases, espcially on architectures where such intrsics are 85 present, but where the toolchain does not have threads (and anyway, it 86 is much more efficient to use the intrisics rather than use mutexes). 87 Thanks to Yann E. MORIN for the patch. 88- add fjson_object_dump() and fjson_object_write() functions 89 ... that make it possible to dump the json tree without having to 90 dynamically allocate a string, and to write the tree to a FILE*. 91 NOTE: right now, most of the code is simply copied from the functions 92 that use the "printbuf" for writing the data. I have not touched the old 93 printbuf-implementation, because some other code may still rely on it. 94 However, in my opinion these printbuf-based functions (if it is desirable 95 to keep them in the first place) can now be re-implemented to use the more 96 flexible fjson_object_dump() function. 97 MAINTAINER NOTE: we need to performance-test any new implementation and will 98 do so. The results will ultimately decide which parts of the code remain in 99 the codebase. 100 Thanks to Emiel Bruijntjes for the patch. 101 1020.99.4 2016-08-03 103- fix tautology comparison in tautology in `fjson_object_iter_equal` 104 Thanks to Andres Stieger for the patch 105- improve build system to handle slightly older autoconf versions 106- fix build problems with gcc6 107 Thanks to Andres Stieger for the patch 108 1090.99.3 2016-07-11 110- new dependency: autoconf-archive 111- exit() is no longer called in unexpected situations 112 The previous code called exit on some occasions and did not 113 give the caller a chance to do any cleanup or handling on 114 it's own. This has completely been removed. Note that it was 115 very unlikely that this problem affected a caller, as exit() 116 was only called under very rare circumstances (e.g. OOM). 117- fjson_version now returns configure VERSION 118 This avoid inconsistency. 119- removal of Windows and Android bits 120 Thanks to Michael Biebl for the patch. 121- fixes of the build system 122 Thanks to Michael Biebl for the patch. 123- dropped support for Windows and Android as we do not target 124 these platforms 125- "make distcheck" now works 126- fix invalid Unicode representation for some non US-ASCII 127 characters when printed as string. Note that this could 128 potentially also lead to a segfault 129 1300.99.2 2016-03-07 131- new API: json_object_get_member_count() 132- make comaptible with autoconf < 2.64 133 1340.99.1 135was never released, but version number has accidently been used by 136some Adiscon packages. In order to prevent confusion, we have 137decided not to use this version number for any official version. 138 1390.99.0 2015-12-22 140- bugfix: reference counting was not thread-safe 141 142NEXT.VERSION 143 144 ...nothing yet... 145 1460.12 147 148 * Address security issues: 149 * CVE-2013-6371: hash collision denial of service 150 * CVE-2013-6370: buffer overflow if size_t is larger than int 151 152 * Avoid potential overflow in json_object_get_double 153 154 * Eliminate the mc_abort() function and MC_ABORT macro. 155 156 * Make the json_tokener_errors array local. It has been deprecated for 157 a while, and json_tokener_error_desc() should be used instead. 158 159 * change the floating point output format to %.17g so values with 160 more than 6 digits show up in the output. 161 162 * Remove the old libjson.so name compatibility support. The library is 163 only created as libjson-c.so now and headers are only installed 164 into the ${prefix}/json-c directory. 165 166 * When supported by the linker, add the -Bsymbolic-functions flag. 167 168 * Various changes to fix the build on MSVC. 169 170 * Make strict mode more strict: 171 * number must not start with 0 172 * no single-quote strings 173 * no comments 174 * trailing char not allowed 175 * only allow lowercase literals 176 177 * Added a json_object_new_double_s() convenience function to allow 178 an exact string representation of a double to be specified when 179 creating the object and use it in json_tokener_parse_ex() so 180 a re-serialized object more exactly matches the input. 181 182 * Add support NaN and Infinity 183 184 1850.11 186 187 * IMPORTANT: the name of the library has changed to libjson-c.so and 188 the header files are now in include/json-c. 189 The pkgconfig name has also changed from json to json-c. 190 You should change your build to use appropriate -I and -l options. 191 A compatibility shim is in place so builds using the old name will 192 continue to work, but that will be removed in the next release. 193 * Maximum recursion depth is now a runtime option. 194 json_tokener_new() is provided for compatibility. 195 json_tokener_new_ex(depth) 196 * Include json_object_iterator.h in the installed headers. 197 * Add support for building on Android. 198 * Rewrite json_object_object_add to replace just the value if the key already exists so keys remain valid. 199 * Make it safe to delete keys while iterating with the json_object_object_foreach macro. 200 * Add a json_set_serializer() function to allow the string output of a json_object to be customized. 201 * Make float parsing locale independent. 202 * Add a json_tokener_set_flags() function and a JSON_TOKENER_STRICT flag. 203 * Enable -Werror when building. 204 * speed improvements to parsing 64-bit integers on systems with working sscanf 205 * Add a json_object_object_length function. 206 * Fix a bug (buffer overrun) when expanding arrays to more than 64 entries. 207 2080.10 209 210 * Add a json_object_to_json_string_ext() function to allow output to be 211 formatted in a more human readable form. 212 * Add json_object_object_get_ex(), a NULL-safe get object method, to be able 213 to distinguish between a key not present and the value being NULL. 214 * Add an alternative iterator implementation, see json_object_iterator.h 215 * Make json_object_iter public to enable external use of the 216 json_object_object_foreachC macro. 217 * Add a printbuf_memset() function to provide an effecient way to set and 218 append things like whitespace indentation. 219 * Adjust json_object_is_type and json_object_get_type so they return 220 json_type_null for NULL objects and handle NULL passed to 221 json_objct_object_get(). 222 * Rename boolean type to json_bool. 223 * Fix various compile issues for Visual Studio and MinGW. 224 * Allow json_tokener_parse_ex() to be re-used to parse multiple object. 225 Also, fix some parsing issues with capitalized hexadecimal numbers and 226 number in E notation. 227 * Add json_tokener_get_error() and json_tokener_error_desc() to better 228 encapsulate the process of retrieving errors while parsing. 229 * Various improvements to the documentation of many functions. 230 * Add new json_object_array_sort() function. 231 * Fix a bug in json_object_get_int(), which would incorrectly return 0 232 when called on a string type object. 233 Eric Haszlakiewicz 234 * Add a json_type_to_name() function. 235 Eric Haszlakiewicz 236 * Add a json_tokener_parse_verbose() function. 237 Jehiah Czebotar 238 * Improve support for null bytes within JSON strings. 239 Jehiah Czebotar 240 * Fix file descriptor leak if memory allocation fails in json_util 241 Zachary Blair, zack_blair at hotmail dot com 242 * Add int64 support. Two new functions json_object_net_int64 and 243 json_object_get_int64. Binary compatibility preserved. 244 Eric Haszlakiewicz, EHASZLA at transunion com 245 Rui Miguel Silva Seabra, rms at 1407 dot org 246 * Fix subtle bug in linkhash where lookup could hang after all slots 247 were filled then successively freed. 248 Spotted by Jean-Marc Naud, j dash m at newtraxtech dot com 249 * Make json_object_from_file take const char *filename 250 Spotted by Vikram Raj V, vsagar at attinteractive dot com 251 * Add handling of surrogate pairs (json_tokener.c, test4.c, Makefile.am) 252 Brent Miller, bdmiller at yahoo dash inc dot com 253 * Correction to comment describing printbuf_memappend in printbuf.h 254 Brent Miller, bdmiller at yahoo dash inc dot com 255 2560.9 257 * Add README.html README-WIN32.html config.h.win32 to Makefile.am 258 Michael Clark, <michael@metaparadigm.com> 259 * Add const qualifier to the json_tokener_parse functions 260 Eric Haszlakiewicz, EHASZLA at transunion dot com 261 * Rename min and max so we can never clash with C or C++ std library 262 Ian Atha, thatha at yahoo dash inc dot com 263 * Fix any noticeable spelling or grammar errors. 264 * Make sure every va_start has a va_end. 265 * Check all pointers for validity. 266 Erik Hovland, erik at hovland dot org 267 * Fix json_object_get_boolean to return false for empty string 268 Spotted by Vitaly Kruglikov, Vitaly dot Kruglikov at palm dot com 269 * optimizations to json_tokener_parse_ex(), printbuf_memappend() 270 Brent Miller, bdmiller at yahoo dash inc dot com 271 * Disable REFCOUNT_DEBUG by default in json_object.c 272 * Don't use this as a variable, so we can compile with a C++ compiler 273 * Add casts from void* to type of assignment when using malloc 274 * Add #ifdef __cplusplus guards to all of the headers 275 * Add typedefs for json_object, json_tokener, array_list, printbuf, lh_table 276 Michael Clark, <michael@metaparadigm.com> 277 * Null pointer dereference fix. Fix json_object_get_boolean strlen test 278 to not return TRUE for zero length string. Remove redundant includes. 279 Erik Hovland, erik at hovland dot org 280 * Fixed warning reported by adding -Wstrict-prototypes 281 -Wold-style-definition to the compilatin flags. 282 Dotan Barak, dotanba at gmail dot com 283 * Add const correctness to public interfaces 284 Gerard Krol, g dot c dot krol at student dot tudelft dot nl 285 2860.8 287 * Add va_end for every va_start 288 Dotan Barak, dotanba at gmail dot com 289 * Add macros to enable compiling out debug code 290 Geoffrey Young, geoff at modperlcookbook dot org 291 * Fix bug with use of capital E in numbers with exponents 292 Mateusz Loskot, mateusz at loskot dot net 293 * Add stddef.h include 294 * Patch allows for json-c compile with -Werror and not fail due to 295 -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations 296 Geoffrey Young, geoff at modperlcookbook dot org 297 2980.7 299 * Add escaping of backslash to json output 300 * Add escaping of foward slash on tokenizing and output 301 * Changes to internal tokenizer from using recursion to 302 using a depth state structure to allow incremental parsing 303 3040.6 305 * Fix bug in escaping of control characters 306 Johan Bj�rklund, johbjo09 at kth dot se 307 * Remove include "config.h" from headers (should only 308 be included from .c files) 309 Michael Clark <michael@metaparadigm.com> 310 3110.5 312 * Make headers C++ compatible by change *this to *obj 313 * Add ifdef C++ extern "C" to headers 314 * Use simpler definition of min and max in bits.h 315 Larry Lansing, llansing at fuzzynerd dot com 316 317 * Remove automake 1.6 requirement 318 * Move autogen commands into autogen.sh. Update README 319 * Remove error pointer special case for Windows 320 * Change license from LGPL to MIT 321 Michael Clark <michael@metaparadigm.com> 322 3230.4 324 * Fix additional error case in object parsing 325 * Add back sign reversal in nested object parse as error pointer 326 value is negative, while error value is positive. 327 Michael Clark <michael@metaparadigm.com> 328 3290.3 330 * fix pointer arithmetic bug for error pointer check in is_error() macro 331 * fix type passed to printbuf_memappend in json_tokener 332 * update autotools bootstrap instructions in README 333 Michael Clark <michael@metaparadigm.com> 334 3350.2 336 * printbuf.c - C. Watford (christopher.watford@gmail.com) 337 Added a Win32/Win64 compliant implementation of vasprintf 338 * debug.c - C. Watford (christopher.watford@gmail.com) 339 Removed usage of vsyslog on Win32/Win64 systems, needs to be handled 340 by a configure script 341 * json_object.c - C. Watford (christopher.watford@gmail.com) 342 Added scope operator to wrap usage of json_object_object_foreach, this 343 needs to be rethought to be more ANSI C friendly 344 * json_object.h - C. Watford (christopher.watford@gmail.com) 345 Added Microsoft C friendly version of json_object_object_foreach 346 * json_tokener.c - C. Watford (christopher.watford@gmail.com) 347 Added a Win32/Win64 compliant implementation of strndup 348 * json_util.c - C. Watford (christopher.watford@gmail.com) 349 Added cast and mask to suffice size_t v. unsigned int conversion 350 correctness 351 * json_tokener.c - sign reversal issue on error info for nested object parse 352 spotted by Johan Bj�rklund (johbjo09 at kth.se) 353 * json_object.c - escape " in json_escape_str 354 * Change to automake and libtool to build shared and static library 355 Michael Clark <michael@metaparadigm.com> 356 3570.1 358 * initial release 359