The Random Books, Software, and Thoughts of Michael R Sweet

PDFio 1.6.4 June 05, 2026

PDFio 1.6.4 is a bug fix release. Changes include:

  • Fixed pdfioPageCopy implementation to not force a CropBox value (Issue #166)
  • Fixed AES padding (Issue #167, Issue #169, Issue #170)

Enjoy!

Download PDFio v1.6.4 Home Page

Comments
 

PAPPL v1.4.11 June 05, 2026

PAPPL v1.4.11 is now available for download and is a bug fix release. Changes include:

  • Updated the programmer’s manual (Issue #418, Issue #419)
  • Updated Set-Printer-Attributes validations checks.
  • Fixed builds on FreeBSD and other systems without a sys/statfs.h header (Issue #411)
  • Fixed a deadlock issue in the USB gadget shutdown code (Issue #417)
  • Fixed a truncation bug when decoding SNMP string values.
  • Fixed the handling of the finishings option.

Enjoy!

Download PAPPL v1.4.11 Home Page

Comments
 

PDFio 1.6.3 April 30, 2026

PDFio 1.6.3 is a bug fix release. Changes include:

  • Fixed pdfioPageCopy implementation to not copy the source document’s entire page tree (Issue #161)
  • Fixed AES encryption dictionary name (Issue #163)
  • Fixed AES owner key generation (Issue #164)
  • Fixed support for empty UTF-16 strings (Issue #165)

Enjoy!

Download PDFio v1.6.3 Home Page

Comments
 

PDFio 1.6.2 February 15, 2026

PDFio 1.6.2 is a bug fix release. Changes include:

  • Increased the maximum length of a single string to 128k (Issue #146)
  • Added missing range checks to pdfioArrayCopy and pdfioDictCopy.
  • Refactored PDF encryption code to fix unlocking with certain files.
  • Improved xref table loop detection (Issue #148)
  • Changed how duplicate objects are handled in PDF files (Issue #155)
  • Fixed xref reconstruction for objects lacking a Type value.
  • Fixed pdfioPageOpenStream for indirect Contents arrays.
  • Fixed an error propagation bug when reading too-long values (Issue #146)
  • Fixed a bug when converting Unicode characters above plane 0 (issue #159)
  • Fixed a Clang warning.

Enjoy!

Download PDFio v1.6.2 Home Page

Comments
 

HTMLDOC 1.9.23 January 28, 2026

HTMLDOC 1.9.23 is a bug fix release. Changes include:

  • Fixed a regression in list handling that caused a crash for empty list items (Issue #553)
  • Fixed a regression in the number of rendered table of contents levels in PDF and PostScript output (Issue #554)

Binaries are available from Github for Windows 10+ and macOS 11+, and through the Snapcraft store for Linux.

Enjoy!

Download HTMLDOC 1.9.23 Install HTMLDOC 1.9.23 Snap Home Page

Comments
 

What is a Security Bug? January 13, 2026

I’ve had the privilege of working with a lot of security researchers throughout my career. Every one of them has been passionate about their work and the issues they report, and my work has greatly benefitted from their contributions.

Unfortunately, the software security industry has created an environment where CVEs (Common Vulnerabilities and Exposures) have become an economic driver. Researchers seem to increasingly need published CVEs or bug bounties to justify the time they spend trying to break software in new and interesting ways.

This has predictably led to more software bugs being reported as critical security vulnerabilities, with push-back and frustration from developers when those bugs are either not exploitable or not in that software at all! In addition, many issues are discovered and reported automatically (“AI”, “fuzzing”, etc.) without sufficient investigation/analysis by the reporter. Finally, security updates trigger an emergency response for everyone involved, causing further disruption to the software development process. Thus, it is important to clearly identify which bugs rate a CVE and which ones are ordinary bugs.

More + Comments
 

TTF v1.1.0 December 31, 2025

This is a feature release of TTF, a simple C library for using TrueType and OpenType font files. Changes include:

  • Added configure script for better build system compatibility.
  • Added ttfCache functions to access user- and system-installed fonts (Issue #5)
  • Added ttfCreateData function to create a font from a memory buffer.
  • Added ttfContainsChar and ttfContainsChars functions to determine whether a font contains the necessary characters (Issue #2)
  • Added ttfGetKernedExtents function to get kerned extents (Issue #6)
  • Added guards against fonts claiming they have 0 characters.
  • Added stddef.h include to ttf.h.
  • Added support for more kinds of TrueType/OpenType fonts.
  • Fixed range checking in ttfGetExtents (Issue #9)
  • Fixed potential heap/integer overflow issues in the TrueType cmap code.
  • Fixed underflow in TrueType cmap code.

Enjoy!

Download TTF v1.1.0 Home Page Github Project

Comments
 

HTMLDOC 1.9.22 December 28, 2025

HTMLDOC 1.9.22 is a bug fix release. Changes include:

  • Added a “–without-http” configure option to build without CUPS HTTP/HTTPS support (Issue #547)
  • Updated HTTP/HTTPS support to work with both CUPS 2.x and 3.x.
  • Updated the maximum image dimension to prevent integer overflow on 32-bit platforms (Issue #550)
  • Updated the HTML parser to correctly report the line number of errors in files with more than 2^32-1 lines (Issue #551)
  • Fixed a crash bug with certain markdown files (Issue #548)
  • Fixed an unrestricted recursion bug when reading and formatting HTML (Issue #552)

Binaries are available from Github for Windows 10+ and macOS 11+, and through the Snapcraft store for Linux.

Enjoy!

Download HTMLDOC 1.9.22 Install HTMLDOC 1.9.22 Snap Home Page

Comments
 

View All Posts

 
Donate using Liberapay
Copyright © 1991-2026 by Michael R Sweet. All rights reserved. Contact “webmaster@msweet.org” for assistance.