·
9 commits
to master
since this release
There are no known problems or test failures in 1.4, but this fix should be picked up. This restores some defensiveness in decoding that was present in v1.3.
Specifically it is defensive decoding of reserved values (28, 29, 30) in additional info in the CBOR head. The change is to put the QCBORItem initialization back in the right place. From analysis of the code, the only effect was when the header decode returned QCBOR_ERR_UNSUPPORTED, a recoverable error. It is assumed that no caller would examine the secondary fields of QCBORItem when this error occurs, so there's no issue.