You can not select more than 25 topics
			Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
		
		
		
		
		
			
		
			
				
					
					
					
						
							24 KiB
						
					
					
				
			
		
		
		
			
			
			
				
					
				
				
					
				
			
		
		
	
	
							24 KiB
						
					
					
				1.7.17 (Dec 26, 2023)
Fixes:
- Fix null reference in cJSON_SetValuestring(CVE-2023-50472), see #809
- Fix null reference in cJSON_InsertItemInArray(CVE-2023-50471), see #809 and #810
1.7.16 (Jul 5, 2023)
Features:
- Add an option for ENABLE_CJSON_VERSION_SO in CMakeLists.txt, see #534
- Add cmake_policy to CMakeLists.txt, see #163
- Add cJSON_SetBoolValue, see #639
- Add meson documentation, see #761
Fixes:
- Fix memory leak in merge_patch, see #611
- Fix conflicting target names 'uninstall', see #617
- Bump cmake version to 3.0 and use new version syntax, see #587
- Print int without decimal places, see #630
- Fix 'cjson_utils-static' target not exist, see #625
- Add allocate check for replace_item_in_object, see #675
- Fix a null pointer crash in cJSON_ReplaceItemViaPointer, see #726
1.7.15 (Aug 25, 2021)
Fixes:
- Fix potential core dumped for strrchr, see #546
- Fix null pointer crash in cJSON_CreateXxArray, see #538
- Fix several null pointer problems on allocation failure, see #526
- Fix a possible dereference of null pointer, see #519
- Fix windows build failure about defining nan, see #518
1.7.14 (Sep 3, 2020)
Fixes:
- optimize the way to find tail node, see #503
- Fix WError error on macosx because NAN is a float. Thanks @sappo, see #484
- Fix some bugs in detach and replace. Thanks @miaoerduo, see #456
1.7.13 (Apr 2, 2020)
Features:
- add new API of cJSON_ParseWithLength without breaking changes. Thanks @caglarivriz, see #358
- add new API of cJSON_GetNumberValue. Thanks @Intuition, see#385
- add uninstall target function for CMake. See #402
- Improve performance of adding item to array. Thanks @xiaomianhehe, see #430, #448
- add new API of cJSON_SetValuestring, for changing the valuestring safely. See #451
- add return value for cJSON_AddItemTo... and cJSON_ReplaceItem... (check if the operation successful). See #453
Fixes:
- Fix clang -Wfloat-equal warning. Thanks @paulmalovanyi, see #368
- Fix make failed in mac os. See #405
- Fix memory leak in cJSONUtils_FindPointerFromObjectTo. Thanks @andywolk for reporting, see #414
- Fix bug in encode_string_as_pointer. Thanks @AIChangJiang for reporting, see #439
1.7.12 (May 17, 2019)
Fixes:
- Fix infinite loop in cJSON_Minify(potential Denial of Service). Thanks @Alanscut for reporting, see #354
- Fix link error for Visual Studio. Thanks @tan-wei, see #352.
- Undefine trueandfalseforcJSON_Utilsbefore redefining them. Thanks @raiden00pl, see #347.
1.7.11 (Apr 15, 2019)
Fixes:
- Fix a bug where cJSON_Minify could overflow it's buffer, both reading and writing. This is a security issue, see #338. Big thanks @bigric3 for reporting.
- Unset trueandfalsemacros before setting them if they exist. See #339, thanks @raiden00pl for reporting
1.7.10 (Dec 21, 2018)
Fixes:
- Fix package config file for libcjson. Thanks @shiluotang for reporting #321
- Correctly split lists in cJSON_Utils's merge sort. Thanks @andysCaplin for the fix #322
1.7.9 (Dec 16, 2018)
Fixes:
- Fix a bug where cJSON_GetObjectItemCaseSensitivewould pass a nullpointer tostrcmpwhen called on an array, see #315. Thanks @yuweol for reporting.
- Fix error in cJSON_Utilswhere the case sensitivity was not respected, see #317. Thanks @yuta-oxo for fixing.
- Fix some warnings detected by the Visual Studio Static Analyzer, see #307. Thanks @bnason-nf
1.7.8 (Sep 22, 2018)
Fixes:
- cJSON now works with the __stdcallcalling convention on Windows, see #295, thanks @zhindes for contributing
1.7.7 (May 22, 2018)
Fixes:
- Fix a memory leak when realloc fails, see #267, thanks @AlfieDeng for reporting
- Fix a typo in the header file, see #266, thanks @zhaozhixu
1.7.6 (Apr 13, 2018)
Fixes:
- Add SONAMEto the ELF files built by the Makefile, see #252, thanks @YanhaoMo for reporting
- Add include guards and extern "C"tocJSON_Utils.h, see #256, thanks @daschfg for reporting
Other changes:
- Mark the Makefile as deprecated in the README.
1.7.5 (Mar 23, 2018)
Fixes:
- Fix a bug in the JSON Patch implementation of cJSON Utils, see #251, thanks @bobkocisko.
1.7.4 (Mar 3, 2018)
Fixes:
- Fix potential use after free if the stringparameter tocJSON_AddItemToObjectis an alias of thestringproperty of the object that is added,see #248. Thanks @hhallen for reporting.
1.7.3 (Feb 8, 2018)
Fixes:
- Fix potential double free, thanks @projectgus for reporting #241
1.7.2 (Feb 6, 2018)
Fixes:
1.7.1 (Jan 10, 2018)
Fixes:
- Fixed an Off-By-One error that could lead to an out of bounds write. Thanks @liuyunbin for reporting #230
- Fixed two errors with buffered printing. Thanks @liuyunbin for reporting #230
1.7.0 (Dec 31, 2017)
Features:
- Large rewrite of the documentation, see #215
- Added the cJSON_GetStringValuefunction
- Added the cJSON_CreateStringReferencefunction
- Added the cJSON_CreateArrayReferencefunction
- Added the cJSON_CreateObjectReferencefunction
- The cJSON_Add...ToObjectmacros are now functions that return a pointer to the added item, see #226
Fixes:
- Fix a problem with GNUInstallDirsin the CMakeLists.txt, thanks @yangfl, see #210
- Fix linking the tests when building as static library, see #213
- New overrides for the CMake option BUILD_SHARED_LIBS, see #207
Other Changes:
- Readme: Explain how to include cJSON, see #211
- Removed some trailing spaces in the code, thanks @yangfl, see #212
- Updated Unity and json-patch-tests
1.6.0 (Oct 9, 2017)
Features:
- You can now build cJSON as both shared and static library at once with CMake using -DBUILD_SHARED_AND_STATIC_LIBS=On, see #178
- UTF-8 byte order marks are now ignored, see #184
- Locales can now be disabled with the option -DENABLE_LOCALES=Off, see #202, thanks @Casperinous
- Better support for MSVC and Visual Studio
Other Changes:
- Add the new warnings -Wswitch-enum,-Wused-but-makred-unused,-Wmissing-variable-declarations,-Wunused-macro
- More number printing tests.
- Continuous integration testing with AppVeyor (semi automatic at this point), thanks @simon-p-r
1.5.9 (Sep 8, 2017)
Fixes:
- Set the global error pointer even if return_parse_endis passed tocJSON_ParseWithOpts, see #200, thanks @rmallins
1.5.8 (Aug 21, 2017)
Fixes:
1.5.7 (Jul 13, 2017)
Fixes:
- Fix a bug where realloc failing would return a pointer to an invalid memory address. This is a security issue as it could potentially be used by an attacker to write to arbitrary memory addresses, see #189, fixed in 954d61e, big thanks @timothyjohncarney for reporting this issue
- Fix a spelling mistake in the AFL fuzzer dictionary, see #185, thanks @jwilk
1.5.6 (Jun 28, 2017)
Fixes:
- Make cJSON a lot more tolerant about passing NULL pointers to its functions, it should now fail safely instead of dereferencing the pointer, see #183. Thanks @msichal for reporting #182
1.5.5 (Jun 15, 2017)
Fixes:
- Fix pointers to nested arrays in cJSON_Utils, see 9abe
- Fix an error with case sensitivity handling in cJSON_Utils, see b9cc911
- Fix cJSON_Compare for arrays that are prefixes of the other and objects that are a subset of the other, see 03ba72f and #180, thanks @zhengqb for reporting
1.5.4 (Jun 5, 2017)
Fixes:
- Fix build with GCC 7.1.1 and optimization level -O2, see bfbd8fe
Other Changes:
- Update Unity to 3b69beaa58efc41bbbef70a32a46893cae02719d
1.5.3 (May 23, 2017)
Fixes:
- Fix cJSON_ReplaceItemInObjectnot keeping the name of an item, see #174
1.5.2 (May 10, 2017)
Fixes:
- Fix a reading buffer overflow in parse_string, see a167d9e
- Fix compiling with -Wcomma, see 186cce3
- Remove leftover attribute from tests, see b537ca7
1.5.1 (May 6, 2017)
Fixes:
- Add gcc version guard to the Makefile, see #164, thanks @juvasquezg
- Fix incorrect free in cJSON_Utilsif custom memory allocator is used, see #166, thanks @prefetchnta
1.5.0 (May 2, 2017)
Features:
- cJSON finally prints numbers without losing precision, see #153, thanks @DeboraG
- cJSON_Comparerecursively checks if two cJSON items contain the same values, see #148
- Provide case sensitive versions of every function where it matters, see #158 and #159
- Added cJSON_ReplaceItemViaPointerandcJSON_DetachItemViaPointer
- Added cJSON_freeandcJSON_mallocthat expose the internal configured memory allocators. see 02a05ee
Enhancements:
- Parse into a buffer, this will allow parsing \u0000in the future (not quite yet though)
- General simplifications and readability improvements
- More unit tests
- Update unity testing library to 2.4.1
- Add the json-patch-tests test suite to test cJSON_Utils.
- Move all tests from test_utils.cto unit tests with unity.
Fixes:
- Fix some warnings with the Microsoft compiler, see #139, thanks @PawelWMS
- Fix several bugs in cJSON_Utils, mostly found with json-patch-tests
- Prevent a stack overflow by specifying a maximum nesting depth CJSON_NESTING_LIMIT
Other Changes:
- Move generated files in the library_configsubdirectory.
1.4.7 (Apr 19, 2017)
Fixes:
- Fix cJSONUtils_ApplyPatches, it was completely broken and apparently nobody noticed (or at least reported it), see 075a06f
- Fix inconsistent prototype for cJSON_GetObjectItemCaseSensitive, see 51d3df6, thanks @PawelWMS
1.4.6 (Apr 9, 2017)
Fixes:
- Several corrections in the README
- Making clear that valueintshould not be written to
- Fix overflow detection in ensure, see 2683d4d
- Fix a potential null pointer dereference in cJSON_Utils, see 795c3ac
- Replace incorrect sizeof('\0')withsizeof(""), see 84237ff
- Add caveats section to the README, see 50b3c30
- Make cJSON locale independent, see #146, Thanks @peterh for reporting
- Fix compiling without CMake with MSVC, see #147, Thanks @dertuxmalwieder for reporting
1.4.5 (Mar 28, 2017)
Fixes:
- Fix bug in cJSON_SetNumberHelper, thanks @mmkeeper, see #138 and ef34500
- Workaround for internal compiler error in GCC 5.4.0 and 6.3.1 on x86 (2f65e80a3471d053fdc3f8aed23d01dd1782a5cb GCC bugreport)
1.4.4 (Mar 24, 2017)
Fixes:
- Fix a theoretical integer overflow, (not sure if it is possible on actual hardware), see e58f7ec
- Fix an off by one error, see cc84a44, thanks @gatzka
- Double check the offset of the print buffer in ensure, see 1934059
Improvements:
- Add a note in the header about required buffer size when using cJSON_PrintPreallocated, see 4bfb8800
1.4.3 (Mar 19, 2017)
Fixes:
- Fix compilation of the tests on 32 bit PowerPC and potentially other systems, see 4ec6e76
- Fix compilation with old GCC compilers (4.3+ were tested), see 227d33, 466eb8e, see also #126
1.4.2 (Mar 16, 2017)
Fixes:
- Fix minimum required cmake version, see 30e1e7a
- Fix detection of supported compiler flags, see 76e5296
- Run cJSON_testandcJSON_test_utilsalong with unity tests, see c597601
1.4.1 (Mar 16, 2017)
Fixes:
- Make print_numberabort with a failure in out of memory situations, see cf1842
1.4.0 (Mar 4, 2017)
Features
- Functions to check the type of an item, see #120
- Use dllexport on windows and fvisibility on Unix systems for public functions, see #116, thanks @mjerris
- Remove trailing zeroes from printed numbers, see #123
- Expose the internal boolean type cJSON_boolin the header, see 2d3520e
Fixes
- Fix handling of NULL pointers in cJSON_ArrayForEach, see b47d0e3
- Make it compile with GCC 7 (fix -Wimplicit-fallthrough warning), see 9d07917
Other Improvements
- internally use realloc if available (#110)
- builtin support for fuzzing with afl (#111)
- unit tests for the print functions (#112)
- Always use buffered printing (#113)
- simplify the print functions (#114)
- Add the compiler flags -Wdouble-conversion,-Wparenthesesand-Wcomma(#122)
1.3.2 (Mar 1, 2017)
Fixes:
- Don't build the unity library if testing is disabled, see #121. Thanks @ffontaine
1.3.1 (Feb 27, 2017)
Fixes:
- Bugfix release that fixes an out of bounds read, see #118. This shouldn't have any security implications.
1.3.0 (Feb 17, 2017)
This release includes a lot of rework in the parser and includes the Cunity unit testing framework, as well as some fixes. I increased the minor version number because there were quite a lot of internal changes.
Features:
- New type for cJSON structs: cJSON_Invalid, see #108
Fixes:
- runtime checks for a lot of potential integer overflows
- fix incorrect return in cJSON_PrintBuffered cf9d57d
- fix several potential issues found by Coverity
- fix potentially undefined behavior when assigning big numbers to valueint(41e2837)- Numbers exceeding INT_MAXor lower thanINT_MINwill be explicitly assigned tovalueintasINT_MAXandINT_MINrespectively (saturation on overflow).
- fix the cJSON_SetNumberValuemacro (87f7727), this slightly changes the behavior, see commit message
 
- Numbers exceeding 
Introduce unit tests
- Started writing unit tests with the Cunity testing framework. Currently this covers the parser functions.
Also:
- Support for running the tests with Valgrind
- Support for compiling the tests with AddressSanitizer and UndefinedBehaviorSanitizer.
- travis.ymlfile for running unit tests on travis. (not enabled for the repository yet though #102
Simplifications
After having unit tests for the parser function in place, I started refactoring the parser functions (as well as others) and making them easier to read and maintain.
- Use strtodfrom the standard library for parsing numbers (0747669)
- Use goto-fail in several parser functions (#100)
- Rewrite/restructure all of the parsing functions to be easier to understand and have less code paths doing the same as another. (#109)
- Simplify the buffer allocation strategy to always doubling the needed amount (9f6fa94)
- Combined cJSON_AddItemToObjectandcJSON_AddItemToObjectCSto one function (cf862d)
Other changes
- Prevent the usage of incompatible C and header versions via preprocessor directive (123bb1)
- Let CMake automatically detect compiler flags
- Add new compiler flags (-Wundef,-Wswitch-default,-Wconversion,-fstack-protector-strong) (#98)
- Change internal sizes from inttosize_t(ecd5678)
- Change internal strings from char*tounsigned char*(28b9ba4)
- Add constin more places
1.2.1 (Jan 31, 2017)
Fixes:
- Fixes a potential null pointer dereference in cJSON_Utils, discovered using clang's static analyzer by @bnason-nf, see #96
1.2.0 (Jan 9, 2017)
Features:
Fixes:
- Compiler warning if const is casted away, Thanks @gatzka, see #83
- Fix compile error with strict-overflow on PowerPC, see #85
- Fix typo in the README, thanks @MicroJoe, see #88
- Add compile flag for compatibility with C++ compilers
1.1.0 (Dec 6, 2016)
- Add a function cJSON_PrintPreallocatedto print to a preallocated buffer, thanks @ChisholmKyle, see #72
- More compiler warnings when using Clang or GCC, thanks @gatzka, see #75, #78
- fixed a memory leak in cJSON_Duplicate, thanks @alperakcan, see #81
- fix the ENABLE_CUSTOM_COMPILER_FLAGScmake option
1.0.2 (Nov 25, 2016)
- Rename internal boolean type, see #71.
1.0.1 (Nov 20, 2016)
Small bugfix release.
- Fixes a bug with the use of the cJSON structs type in cJSON_Utils, see d47339e
- improve code readability
- initialize all variables
1.0.0 (Nov 17, 2016)
This is the first official versioned release of cJSON. It provides an API version for the shared library and improved Makefile and CMake build files.