++ed by:
7 non-PAUSE users
Author image Marc A. Lehmann

Changes for version 1.6

  • greatly expand the SECURITY IMPLICATIONS and similar sections.
  • new constructor new_safe, to create a secure CBOR::XS object.
  • new option forbid_objects, to disallow serialisation.
  • new CBOR::XS::safe_filter functionality.
  • fix a crash when decoding a cyclic data structure using stringref/pack_strings when allow_cycles is disabled.
  • fix a crash when decoding hash keys with length >= 2**31.
  • avoid unreasonably long decoding times for certain types of (corrupt) cbor texts.
  • support arrays and hashes with >= 2**31 members.
  • avoid overflow on pointer arithmetic when checking whether enough data is available.
  • fix a memory leak that occured when decoding failed while decoding a tagged value.
  • do not leak the partially constructed result when stringifying a hash key throws an exception.
  • various code size and efficiency optimizations (reduced code from 42 to 40kB on my system, despite the new features).


Concise Binary Object Representation (CBOR, RFC7049)