They now consistently parse the varint and then push the int32 representation into the unknown field set. Previously the behavior was sometimes pushing the original varint, sometimes pushing a uint32_t truncated value, and sometimes an int32_t truncated value.
PiperOrigin-RevId: 512140469
This will make PRs from forked repositories significantly less painful, since they'll agree on which version of each action to use. OTOH, we'll have a separate repo that needs to be maintained, and changes to it will need to be coordinated and versioned carefully. This will likely need to be done less often though now that our infrastructure is stable.
PiperOrigin-RevId: 512117705
* Fix mutability bug in Java proto lite: sub-messages inside of oneofs were not
being set as immutable. This would allow code to get a builder for a
sub-message and modify the original (supposedly immutable) copy.
PiperOrigin-RevId: 511598810
* Add casts to make protobuf compatible with Java 1.8 runtime.
Fix for: https://github.com/protocolbuffers/protobuf/issues/11393
PiperOrigin-RevId: 511807920
---------
Co-authored-by: Protobuf Team Bot <protobuf-github-bot@google.com>
- Reduce what headers the runtime import needs.
- Remove stale function prototype.
- Move one function to be full scoped to a single file.
PiperOrigin-RevId: 512073294
This change also removes policy settings that are now already set to
`NEW` by default. There are still two remaining policies that were
introduced in CMake > 3.10, so I left those, and documented the CMake
version they were introduced in so we know when we can later remove them
(when our min version advances beyond that).
The min CMake version supported by Protobuf is documented here:
https://github.com/google/oss-policies-info/blob/main/foundational-cxx-support-matrix.md
PiperOrigin-RevId: 511897379
Write barrier protected objects are allowed to be promoted to the old generation, which means they only get marked on major GC.
The downside is that the `RB_BJ_WRITE` macro MUST be used to set references, otherwise the referenced object may be garbaged collected.
But the `*Descriptor` classes and `Arena` have very few references and are only set in a few places, so it's relatively easy to implement.
cc @peterzhu2118Closes#11793
COPYBARA_INTEGRATE_REVIEW=https://github.com/protocolbuffers/protobuf/pull/11793 from casperisfine:descriptor-write-barrier 215e8fad4c
PiperOrigin-RevId: 511875342
For PODs, parse the data before making the NSNumber used for extension
fields.
For messages/groups, create the message first, add it to the object graph,
and balance the retain count before doing the parsing. This ensure if an
error is hit (and a throw happens), the object(s) won't be leaked.
Parsing will always mutates the graph, so yes this includes more mutations
in failure cases, but other fields could always be modified before the
bad data is encountered. But even then, that edge case *only* apples to api
users that are explicitly *merge* (-mergeFrom...), the majority of the calls
are to +parseFromData:error:, so the entire graph is released on failure.
PiperOrigin-RevId: 511871398
being set as immutable. This would allow code to get a builder for a
sub-message and modify the original (supposedly immutable) copy.
PiperOrigin-RevId: 511598810
A bug was found during code review that didn't trigger any test failure
The fast TDP entry did not have the index in the aux_idx field.
PiperOrigin-RevId: 511570831
The validation is done at the highest point so if a sub message is what
goes over the limit it is caught at the outer message, thus reducing the
impact on the serialization code.
PiperOrigin-RevId: 511473008
The code that loads descriptors calls absl::CUnescape() to parse the escape sequences. Prior to this CL, we were not checking the return value of this call, effectively allowing the invalid data to be loaded.
If a user is compiling a .proto file, invalid escapes will be caught earlier in the compiler pipeline, and this check will be unnecessary. The only time this is an issue is when a descriptor has been constructed manually and is loaded into the runtime.
This bug manifested as an MSAN failure in a fuzz test, because in the error case absl::CUnescape() will return a string where some of the characters are uninitialized.
PiperOrigin-RevId: 511319279