Skip to content

Commit

Permalink
Merge branch 'master' into exportfile-gfm
Browse files Browse the repository at this point in the history
  • Loading branch information
phillmv authored Jan 31, 2023
2 parents e08c552 + 9d8ebd6 commit 32c8fe6
Show file tree
Hide file tree
Showing 34 changed files with 14,696 additions and 10,687 deletions.
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ build
cmark.dSYM/*
cmark
.vscode
.DS_Store

# Testing and benchmark
alltests.md
Expand Down
12 changes: 12 additions & 0 deletions CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,15 @@ option(CMARK_TESTS "Build cmark-gfm tests and enable testing" ON)
option(CMARK_STATIC "Build static libcmark-gfm library" ON)
option(CMARK_SHARED "Build shared libcmark-gfm library" ON)
option(CMARK_LIB_FUZZER "Build libFuzzer fuzzing harness" OFF)
option(CMARK_FUZZ_QUADRATIC "Build quadratic fuzzing harness" OFF)

if(CMARK_FUZZ_QUADRATIC)
set(FUZZER_FLAGS "-fsanitize=fuzzer-no-link,address -g")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${FUZZER_FLAGS}")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${FUZZER_FLAGS}")
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} ${FUZZER_FLAGS}")
set(CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} ${FUZZER_FLAGS}")
endif()

add_subdirectory(src)
add_subdirectory(extensions)
Expand All @@ -29,6 +38,9 @@ if(CMARK_TESTS)
enable_testing()
add_subdirectory(test testdir)
endif()
if(CMARK_FUZZ_QUADRATIC)
add_subdirectory(fuzz)
endif()

if(NOT CMAKE_BUILD_TYPE)
set(CMAKE_BUILD_TYPE "Release" CACHE STRING
Expand Down
6 changes: 3 additions & 3 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ VERSION?=$(SPECVERSION)
RELEASE?=CommonMark-$(VERSION)
INSTALL_PREFIX?=/usr/local
CLANG_CHECK?=clang-check
CLANG_FORMAT=clang-format-3.5 -style llvm -sort-includes=0 -i
CLANG_FORMAT=clang-format -style llvm -sort-includes=0 -i
AFL_PATH?=/usr/local/bin

.PHONY: all cmake_build leakcheck clean fuzztest test debug ubsan asan mingw archive newbench bench format update-spec afl clang-check docker libFuzzer
Expand Down Expand Up @@ -140,7 +140,7 @@ $(EXTDIR)/ext_scanners.c: $(EXTDIR)/ext_scanners.re
esac
re2c --case-insensitive -b -i --no-generation-date -8 \
--encoding-policy substitute -o $@ $<
clang-format-3.5 -style llvm -i $@
clang-format -style llvm -i $@

# We include entities.inc in the repository, so normally this
# doesn't need to be regenerated:
Expand Down Expand Up @@ -211,7 +211,7 @@ format:
$(CLANG_FORMAT) src/*.c src/*.h api_test/*.c api_test/*.h

format-extensions:
clang-format-3.5 -style llvm -i extensions/*.c extensions/*.h
clang-format -style llvm -i extensions/*.c extensions/*.h

operf: $(CMARK)
operf $< < $(BENCHFILE) > /dev/null
Expand Down
22 changes: 22 additions & 0 deletions changelog.txt
Original file line number Diff line number Diff line change
@@ -1,3 +1,25 @@
[0.29.0.gfm.8]

* We restored backwards compatibility by deprecating the `cmark_init_standard_node_flags()` requirement, which is now a noop (#305)
* We added a quadratic complexity fuzzing target (#304)

[0.29.0.gfm.7]

* Fixed a polynomial time complexity issue per
https://github.com/github/cmark-gfm/security/advisories/GHSA-r572-jvj2-3m8p
* Fixed an issue in which crafted markdown document could trigger an
out-of-bounds read in the validate_protocol function per
https://github.com/github/cmark-gfm/security/advisories/GHSA-c944-cv5f-hpvr
* Fixed a polynomial time complexity issue
https://github.com/github/cmark-gfm/security/advisories/GHSA-24f7-9frr-5h2r
* Fixed several polynomial time complexity issues per
https://github.com/github/cmark-gfm/security/advisories/GHSA-29g3-96g3-jg6c
* We removed an unneeded .DS_Store file (#291)
* We added a test for domains with underscores and fix roundtrip behavior (#292)
* We now use an up-to-date clang-format (#294)
* We made a variety of implicit integer trunctions explicit by moving to
size_t as our standard size integer type (#302)

[0.29.0.gfm.6]
* Fixed polynomial time complexity DoS vulnerability in autolink extension

Expand Down
1 change: 0 additions & 1 deletion extensions/CMakeLists.txt
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
cmake_minimum_required(VERSION 2.8)
set(LIBRARY "libcmark-gfm-extensions")
set(STATICLIBRARY "libcmark-gfm-extensions_static")
set(LIBRARY_SOURCES
Expand Down
Loading

0 comments on commit 32c8fe6

Please sign in to comment.