bstring v1.1.0 Release Notes

Highlights

This release brings UTF-8 string manipulation support to bstring, with modules ported from the parent bstrlib project. The library can now handle Unicode text through the new utf8util and buniutil modules, enabled by default.

Also new in this release is fuzz testing infrastructure using LLVM's libFuzzer, which has already led to the discovery and fixing of memory safety issues in bUuDecodeEx and bNetStr2Bstr.

On the build system front, the legacy Autotools build has been fully removed. bstring now builds exclusively with Meson.

New build options

enable-utf8 (default: true) — Build the library with UTF-8 string manipulation support (utf8util, buniutil). Disable with -Denable-utf8=false if UTF-8 support is not needed, and you want a leaner library.
enable-fuzzing (default: false) — Build libFuzzer fuzz targets for the library. Requires Clang. Enable with -Denable-fuzzing=true.
enable-old-api (default: false) — Enable backward compatibility macros for the pre-1.0 API. By default, namespace-polluting legacy macros are disabled. Enable with -Denable-old-api=true if you depend on the old macro names.

What's Changed

remove autotools macros and supporting files by @rdmark in #72
create a GitHub workflow job for building on OpenIndiana by @rdmark in #104
fix compiler warnings flagged by MSVC on Windows by @rdmark in #106
clarify the dual licensing terms of the code, include GPL v2 text by @rdmark in #121
borrow the library features section from the parent project by @rdmark in #140
remove C++ references in the docs by @rdmark in #139
port UTF8 string manipulation modules from bstrlib by @rdmark in #142
add biseqblk, biseqcaselessblk, binsertblk, bjoinblk by @rdmark in #143
add bfromcstrrangealloc, improve bSecureInput, fix bfindreplace by @rdmark in #146
port bSGMLEncode function from bstrlib by @rdmark in #147
fix bUuDecodeEx: prevent OOM and memory leak on malformed input by @rdmark in #148
fix bNetStr2Bstr: prevent OOB read on crafted netstring length by @rdmark in #149
introduce fuzz testing of the library using llvm libfuzzer by @rdmark in #150
rename namespace pollution meson option and define in config.h by @rdmark in #165

Full Changelog: v1.0.3...v1.1.0

Contributors

rdmark

Assets 4

01 Nov 12:33

rdmark

v1.0.3

917e65b

Windows MSVC support; pkg-config bugfix

This release contains three significant fixes, all concerning the Meson build system:

Support for Windows MSVC compiler optimization flags (previously errored out with MSVC)
The build system will generate a correct bstring.pc file for pkg-config that points to development headers
Use the full version string as library version rather than a static 1.0.0

In this release:

bstring-1.0.3.tar.xz -- tarball generated by Meson, containing all build files but not bootstrapped by Autotools
bstring-1.0.3.tar.gz -- tarball generated and bootstrapped by Autotools, but without Meson build files

Note: This is the final release version that ships with Meson and Autotools build systems side by side. Future release versions will only support Meson.

What's Changed

Update README.md with an OpenSSF scorecard badge by @rdmark in #48
Create a bstring security policy by @rdmark in #49
Use the full project version as library version by @rdmark in #50
Cross-platform check for compiler warning flags with Windows support by @rdmark in #52
Update README.md with a blurb explaining bstring by @rdmark in #55
Update README.md with packaging status by @rdmark in #60
remove invalid # chars from documentation by @rdmark in #65
pkg-config should look for headers in include root by @rdmark in #66

Full Changelog: v1.0.2...v1.0.3

Contributors

rdmark

Assets 5

05 Sep 16:00

msteinert

v1.0.2

5bcb920

Build & quality improvements

@rdmark has been busy making improvements, including:

The build system, including parity between autotools & meson
Quality indicators and cleanups (expanded CI, SonarCube)

Enjoy!

What's Changed

meson: Do not set install_dir by @diizzyy in #12
Protect against buffer overflows and null pointer dereferences by @rdmark in #9
Use URL to the YEncode spec hosted by the Yence project by @rdmark in #11
GitHub CI: Run memory profiling with valgrind on Linux and FreeBSD by @rdmark in #13
Address a straggler buffer overflow, and add safeguard after test abort by @rdmark in #15
Abort tests when encountering NULL pointers by @rdmark in #16
Refresh the Doxyfile with doxygen 1.14.0 by @rdmark in #19
Prevent null pointer dereference in bwriteprotect macro usage by @rdmark in #20
Refactor a few control structures to be more gcov friendly by @rdmark in #24
bstrlib.c: spello by @sevan in #25
Straggler null pointer abort before bwriteprotect macro by @rdmark in #26
Create a GitHub CI workflow for publishing unit test reports by @rdmark in #21
Use gcovr instead of lcov in GitHub CI job by @rdmark in #27
Create a dependabot configuration for GitHub actions by @rdmark in #28
Bump vmactions/solaris-vm from 1.1.4 to 1.1.5 by @dependabot[bot] in #30
Bump vmactions/openbsd-vm from 1.1.8 to 1.2.0 by @dependabot[bot] in #32
Bump vmactions/omnios-vm from 1.1.0 to 1.1.1 by @dependabot[bot] in #31
Bump vmactions/dragonflybsd-vm from 1.1.0 to 1.1.1 by @dependabot[bot] in #33
Update README.md with SonarQube badges by @rdmark in #34
Bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in #29
Record GitHub action versions in code comment and remove timeouts by @rdmark in #35
Bump vmactions/netbsd-vm from 1.1.8 to 1.1.9 by @dependabot[bot] in #37
Bump vmactions/freebsd-vm from 1.2.1 to 1.2.3 by @dependabot[bot] in #38
Bump to stable version 1.0.2 by @rdmark in #36
Create an OpenSSF scorecard workflow by @rdmark in #40
Use specific base image version tags in CI build jobs by @rdmark in #39
Turn the bgets workaround into a manual option by @rdmark in #41
Check that -Wno-gnu compiler flag is supported before using by @rdmark in #44
Define project C standard to C99 by @rdmark in #46