The ASN.1 Compiler

File Release Notes and Changelog

Release Name: asn1c-0.9.7

Notes:
Better XER and BER support, portability and security fixes.

Changes:
0.9.7:  2004-Oct-11

        * Finished CANONICAL-XER implementation by adding SET and SET OF
          canonical ordering support.
        * Fixed unber(1) limits controlling logic.
        * Removed C99'izm from the x509dump, now understood by older compilers.
        * Enhanced UTF8String constraint validation, now it checks
          for the minimal encoding length; API of UTF8String_length() changed.
        * Fixed SEQUENCE dealing with premature termination of the
          optionals-laden indefinite length structure. The code was previously
          refusing to parse such structures.
        * Fixed explicitly tagged ANY type encoding and decoding
          (Severity: medium, Secruity impact: low).
        * Fixed CHOICE code spin when indefinite length structures appear
          in the extensions (Severity: medium, Security impact: medium).
          Reported by <siden@ul-gsm.ru>.
        * BIT STRING now stores the number of unused octets in a separate field.

0.9.6:  2004-Sep-29

        * Added several security firewalls: decoder's stack usage control
          and the stricter checking of the TLV length.
        * Implemented BASIC-XER encoding support (X.693).
        * Implemented unber(1) and enber(1) for BER<->XML translation.
        * Implemented CGI for online ASN.1 compilation (asn1c/webcgi).
        * Implemented the sample X.509 decoder (./samples/sample.source.PKIX1).
        * NamedType is now supported for SET OF/SEQUENCE OF type.
        * Added -fno-constraints option to asn1c, which disabled generation of
          ASN.1 subtype constraints checking code.
        * Added ASN1C_ENVIRONMENT_VERSION and get_asn1c_environment_version().
        * Fixed ANY type decoding (Severity: high, Secruity impact: low).
        * Fixed BER decoder restartability problem with certain primitive
          types (BOOLEAN, INTEGER, and REAL). The problem occured when the
          encoding of such type is split between several bytes.
          (Severity: high, Security impact: low)
        * Support for cross-referencing type definitions (updated ./tests/43-*).        * Fixed pretty-printing of the REAL type. Added lots of test cases.
        * Renamed asn1_* into asn_* in function and type names.
        * Updated documentation.

0.9.5:  2004-Sep-17

        * Fixed CER (common BER) decoder code. See check-25.c/VisibleString
          case for details. X.690 specifies that inner structures in BER
          encoding must be tagged by stripping off the outer tag for each
          subsequent containment level. See also X.690: 8.21.5.4 and
          the "Spouse" case in A.3.
          (Severity: medium, Security impact: low)
        * Added converters between any generic type and the ANY type.
        * Parser fixed: Information Object Class fields may be taged.
        * Parser fixed: tagged types inside SEQUENCE OF/SET OF support.
        * Improved DEFAULT Value parsing and pretty-printing.
        * Condition on distinct tags checker was incorrectly dealing with
          tagged CHOICE types. Fixed. Modified tests/37-indirect-choice-OK.asn1
        * Improved type name generation code ("struct foo" vs "foo_t").
        * Fixed constraint checking code incorrectly dealing with imported
          types with constraint values defined in other modules.
        * Real REAL support! (Haven't tested denormals support yet!)
          See skeletons/tests/check-REAL.c

0.9.4:  2004-Sep-10

        * More support for recursive type definitions.
        * Explicit support for ANY type decoding.
        * Refactored tags processing code.
        * Fixed constraints checking code: non-exploitable buffer overflow.
          (Severity: medium, Security impact: low)