diff --git a/CHANGELOG.md b/CHANGELOG.md index 8debcdf3ee21e79d9d4b4a33c92c7ecdc2c59fd9..cf091f057f05fb0b8c7fa0f83dba17487ab84fc2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ +1.7.11 +====== +Fixes: +------ +* Fix a bug where cJSON_Minify could overflow it's buffer, both reading and writing. This is a security issue. (see #338). Big thanks @bigric3 for reporting. +* Unset `true` and `false` macros before setting them if they exist. See #339, thanks @raiden00pl for reporting + 1.7.10 ====== Fixes: diff --git a/CMakeLists.txt b/CMakeLists.txt index 033a88289db400c528cd5c12ec151a95b78ac6da..96b375ddf3ff093ebc33fb9a7d9c0e987df1bb4a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -7,7 +7,7 @@ include(GNUInstallDirs) set(PROJECT_VERSION_MAJOR 1) set(PROJECT_VERSION_MINOR 7) -set(PROJECT_VERSION_PATCH 10) +set(PROJECT_VERSION_PATCH 11) set(CJSON_VERSION_SO 1) set(CJSON_UTILS_VERSION_SO 1) set(PROJECT_VERSION "${PROJECT_VERSION_MAJOR}.${PROJECT_VERSION_MINOR}.${PROJECT_VERSION_PATCH}") diff --git a/Makefile b/Makefile index 8d64fd23b8ed4ce4e3debc17c483c6aa03fb5237..93fffcccb24a88b1deeb1998bca297cfb42bfa0f 100644 --- a/Makefile +++ b/Makefile @@ -8,7 +8,7 @@ CJSON_TEST_SRC = cJSON.c test.c LDLIBS = -lm -LIBVERSION = 1.7.10 +LIBVERSION = 1.7.11 CJSON_SOVERSION = 1 UTILS_SOVERSION = 1 diff --git a/cJSON.c b/cJSON.c index bf65b56f856df84dfc3725ededb9f315195206b0..571f856c4cd6f4c49a343036e59ffa741812d709 100644 --- a/cJSON.c +++ b/cJSON.c @@ -88,7 +88,7 @@ CJSON_PUBLIC(char *) cJSON_GetStringValue(cJSON *item) { } /* This is a safeguard to prevent copy-pasters from using incompatible C and header files */ -#if (CJSON_VERSION_MAJOR != 1) || (CJSON_VERSION_MINOR != 7) || (CJSON_VERSION_PATCH != 10) +#if (CJSON_VERSION_MAJOR != 1) || (CJSON_VERSION_MINOR != 7) || (CJSON_VERSION_PATCH != 11) #error cJSON.h and cJSON.c have different versions. Make sure that both have the same. #endif diff --git a/cJSON.h b/cJSON.h index 3279f6ba5d80373625992b860e78d1aba5081183..daf31289fe27692be8a4d79375149278fadd0f9c 100644 --- a/cJSON.h +++ b/cJSON.h @@ -81,7 +81,7 @@ then using the CJSON_API_VISIBILITY flag to "export" the same symbols the way CJ /* project version */ #define CJSON_VERSION_MAJOR 1 #define CJSON_VERSION_MINOR 7 -#define CJSON_VERSION_PATCH 10 +#define CJSON_VERSION_PATCH 11 #include