* Update spec.
* Use unsigned integer when shifting (Phil Turnbull).
Avoids a UBSAN warning which can be triggered when handling a
long sequence of backticks.
* Avoid memcpy'ing NULL pointers (Phil Turnbull).
Avoids a UBSAN warning when link title is empty string.
The length of the memcpy is zero so the NULL pointer is not
dereferenced but it is still undefined behaviour.
* DeMorgan simplification of some tests in emphasis parser.
This also brings the code into closer alignment with the wording
of the spec (see jgm/CommonMark467).
* Fixed undefined shift in commonmark writer (211).
Found by google/oss-fuzz:
<https://oss-fuzz.com/v2/testcase-detail/4686992824598528>.
* latex writer: fix memory overflow (210).
We got an array overflow in enumerated lists nested more than
10 deep with start number =/= 1.
This commit also ensures that we don't try to set `enum_` counters
that aren't defined by LaTeX (generally up to enumv).
Found by google/oss-fuzz:
<https://oss-fuzz.com/v2/testcase-detail/5546760854306816>.
* Check for NULL pointer in get_link_type (Phil Turnbull).
`echo '[](xx:)' | ./build/src/cmark -t latex` gave a
segfault.
* Move fuzzing dictionary into single file (Phil Turnbull).
This allows AFL and libFuzzer to use the same dictionary
* Reset bytes after UTF8 proc (Yuki Izumi, 206).
* Don't scan past an EOL (Yuki Izumi).
The existing negated character classes (`[^…]`) are careful to
always include` \x00` in the characters excluded, but these `.`
catch-alls can scan right past the terminating NUL placed
at the end of the buffer by `_scan_at`. As such, buffer
overruns can occur. Also, don't scan past a newline in HTML
block end scanners.
* Document cases where `get_` functions return `NULL` (155).
E.g. `cmark_node_get_url` on a non-link or image.
* Properly handle backslashes in link destinations (192).
Only ascii punctuation characters are escapable, per the spec.
* Fixed `cmark_node_get_list_start` to return 0 for bullet lists,
as documented (202).
* Use `CMARK_NO_DELIM` for bullet lists (201).
* Fixed code for freeing delimiter stack (189).
* Removed abort outside of conditional (typo).
* Removed coercion in error message when aborting from buffer.
* Print message to stderr when we abort due to memory demands (188).
* `libcmark.pc`: use `CMAKE_INSTALL_LIBDIR` (185, Jens Petersen).
Needed for multilib distros like Fedora.
* Fixed buffer overflow error in `S_parser_feed` (184).
The overflow could occur in the following condition:
the buffer ends with `\r` and the next memory address
contains `\n`.
* Update emphasis parsing for spec change.
Strong now goes inside Emph rather than the reverse,
when both scopes are possible. The code is much simpler.
This also avoids a spec inconsistency that cmark had previously:
`***hi***` became Strong (Emph "hi")) but
`***hi****` became Emph (Strong "hi")) "*"
* Fixes for the LaTeX renderer (182, Doeme)
+ Don't double-output the link in latex-rendering.
+ Prevent ligatures in dashes sensibly when rendering latex.
`\-` is a hyphenation, so it doesn't get displayed at all.
* Added a test for NULL when freeing `subj->last_delim`.
* Cleaned up setting of lower bounds for openers.
We now use a much smaller array.
* Fix 178, quadratic parsing bug. Add pathological test.
* Slight improvement of clarity of logic in emph matching.
* Fix "multiple of 3" determination in emph/strong parsing.
We need to store the length of the original delimiter run,
instead of using the length of the remaining delimiters
after some have been subtracted. Test case:
`a***b* c*`. Thanks to Raph Levin for reporting.
* Correctly initialize chunk in S_process_line (Nick Wellnhofer, 170).
The `alloc` member wasn't initialized. This also allows to add an
assertion in `chunk_rtrim` which doesn't work for alloced chunks.
* Added 'make newbench'.
* `scanners.c` generated with re2c 0.16 (68K smaller!).
* `scanners.re` - fixed warnings; use `*` for fallback.
* Fixed some warnings in `scanners.re`.
* Update CaseFolding to latest (Kevin Wojniak, 168).
* Allow balanced nested parens in link destinations (Yuki Izumi, 166)
* Allocate enough bytes for backticks array.
* Inlines: Ensure that the delimiter stack is freed in subject.
* Fixed pathological cases with backtick code spans:
- Removed recursion in scan_to_closing_backticks
- Added an array of pointers to potential backtick closers
to subject
- This array is used to avoid traversing the subject again
when we've already seen all the potential backtick closers.
- Added a max bound of 1000 for backtick code span delimiters.
- This helps with pathological cases like:
x
x `
x ``
x
x `
...
- Added pathological test case.
Thanks to Martin Mitáš for identifying the problem and for
discussion of solutions.
* Remove redundant cmake_minimum_required (163, kainjow).
* Make shared and static libraries optional (Azamat H. Hackimov).
Now you can enable/disable compilation and installation targets for
shared and static libraries via `-DCMARK_SHARED=ON/OFF` and
`-DCMARK_STATIC=ON/OFF`.
* Added support for built-in `${LIB_SUFFIX}` feature (Azamat H.
Hackimov). Replaced `${LIB_INSTALL_DIR}` option with built-in
`${LIB_SUFFIX}` for installing for 32/64-bit systems. Normally,
CMake will set `${LIB_SUFFIX}` automatically for required enviroment.
If you have any issues with it, you can override this option with
`-DLIB_SUFFIX=64` or `-DLIB_SUFFIX=""` during configuration.
* Add Makefile target and harness to fuzz with libFuzzer (Phil Turnbull).
This can be run locally with `make libFuzzer` but the harness will be
integrated into oss-fuzz for large-scale fuzzing.
* Advertise `--validate-utf8` in usage information
(Nguyễn Thái Ngọc Duy).
* Makefile: use warnings with re2c.
* README: Add link to Python wrapper, prettify languages list
(Pavlo Kapyshin).
* README: Add link to cmark-scala (Tim Nieradzik, 196)
[0.27.1.gfm.4]
* Fix regression with nested parentheses in link targets (48).
[0.27.1.gfm.3]
* Various undefined behavior issues fixed (38, 39, 40).
* Tag filter is case-insensitive (43).
[0.27.1.gfm.2]
* Fix a number of bugs (reading past end of buffer, undefined behavior.
* Add `cmark_syntax_extension_get_private()`. (Jonathan Müller)
[0.27.1.gfm.1]
* Add plaintext renderer.
* Remove normalize option; we now always normalize the AST.
* Add getters for table alignment.
* `make install` also installs the extensions static/shared library.
[0.27.1.gfm.0]
* Add extensions: tagfilter, strikethrough, table, autolink.
* Add arena memory implementation.
* Add CMARK_OPT_GITHUB_PRE_LANG for fenced code blocks.
* Skip UTF-8 BOM on input.