ZXC v0.9.1

Release Notes

This is a maintenance release with CLI usability improvements and documentation updates. No ABI changes, SOVERSION remains 2.

Bug Fixes (CLI)

• Fix: --bench duration parsing: --bench [N] was not correctly consuming the duration argument. The value was left as a positional argument, causing the next filename to be misinterpreted as a duration. All three forms now work correctly: -b2, --bench=2, --bench 2.

• -B / --block-size in help text: The --block-size option was functional since v0.9.0 but missing from zxc --help output. Now documented: -B, --block-size Block size: 4K..2M, power of 2 {256K}.

Documentation

• tar integration: Added usage examples for using zxc as an external compressor with tar:
  • GNU tar: tar -I 'zxc -5' -cf archive.tar.zxc data/
  • bsdtar (macOS): tar --use-compress-program='zxc -5' -cf archive.tar.zxc data/
  • Universal pipes: tar cf - data/ | zxc > archive.tar.zxc

---

Changes

Full Changelog: v0.9.0...v0.9.1

ZXC v0.9.0

Release Notes

This release introduces the Reusable Context API, configurable block sizes, a comprehensive API & ABI reference, and several security fixes; including a heap-buffer-overflow found by fuzzing the compression path.

SOVERSION bumped to 2: this release contains ABI-breaking changes.

Breaking Changes

• SOVERSION 2: The shared library ABI version has been incremented. Binaries compiled against SOVERSION 1 must be recompiled.
• Options structs: zxc_compress() and zxc_decompress() now take zxc_compress_opts_t* / zxc_decompress_opts_t* instead of positional parameters. Pass NULL for default behavior.
• Block size encoding: The file header now stores block size as a log2 exponent [12..21] instead of the previous dual-scale encoding. Legacy value 64 is still accepted for backward compatibility.

New Features

Reusable Context API

Opaque, heap-allocated compression and decompression contexts that eliminate per-call allocation overhead, ideal for filesystem plug-ins (squashfs, dwarfs) and batch processing:

• zxc_create_cctx() / zxc_free_cctx() / zxc_compress_cctx()
• zxc_create_dctx() / zxc_free_dctx() / zxc_decompress_dctx()

Internal buffers are only reallocated when block_size or level changes between calls.

Configurable Block Sizes

• Block size is now configurable via the block_size field in zxc_compress_opts_t.
• Valid range: 4 KB - 2 MB (power of two).
• Default remains 256 KB.
• CLI: new --block-size or -B option with unit suffixes (4K, 1M, or 4KB, 1MB etc.).

Direct Decompression Fast Path

• When the destination buffer is sufficiently padded, decompression skips the intermediate work buffer copy, reducing memory traffic and latency.

Security & Stability

• Fix: heap-buffer-overflow in bitpacking (zxc_bitpack_stream_32): The packing loop could write up to 4 bytes past the output buffer when the last packed value straddled a byte boundary.
• Fix: stream validation during decompression (zxc_decompress.c): Added validation to ensure the sequence stream size is sufficient for the declared number of sequences, preventing out-of-bounds reads.
• Block size validation: Both zxc_cctx_init() and zxc_read_file_header() now validate that block sizes are within [ZXC_BLOCK_SIZE_MIN, ZXC_BLOCK_SIZE_MAX] and are powers of two.
• C++ compatibility: All public headers now include extern "C" guards for seamless C++ consumption.
• Fuzzing corpus storage: Configured persistent corpus storage for ClusterFuzzLite CI.

Documentation

• docs/API.md: New comprehensive API & ABI reference documenting all 21 exported symbols, type definitions, visibility strategy, ABI versioning, thread safety guarantees, and error handling patterns.
• Updated man page and README with installation instructions and packaging status (vcpkg, Conan, Homebrew).
• Updated docs/FORMAT.md for exponent-based block size encoding.

Wrappers

All language wrappers updated to use the new options struct API:

• Python: Updated CFFI bindings for options structs.
• Rust: Updated FFI layer and safe wrapper for options structs and reusable context API.
• Node.js: Updated N-API bindings for options structs.

---

Changes

Full Changelog: v0.8.3...v0.9.0

ZXC v0.8.3

Release Notes

Patch release fixing compilation errors with Clang 12-16 and suppressing warnings on MinGW (GCC). Also introduces a new CI workflow testing 22 compiler configurations.

Changes

Fixes

• Fix _Atomic static initializer for Clang 12-16 (zxc_dispatch.c). Replaced with explicit casts to the target function pointer type.
• Fix -Wunused-parameter warnings on MinGW for attr and retval parameters in the Win32 pthread.

CI

• Add compiler compatibility CI workflow. Added a comprehensive CI workflow testing 22 compiler x architecture combinations (#134)

---

Full Changelog: v0.8.2...v0.8.3

ZXC v0.8.2

Release Notes

This release addresses multiple security findings reported by Snyk and an intensive fuzzing campaign (300M+ iterations). Enhances the overall robustness of the resource management.

Changes

Security & Hardening

• Integer Overflow Prevention: Implemented thread count clamping and explicit size_t arithmetic for workspace allocation.
• Resource Management: Fixed potential file handle leaks in CLI error paths and benchmark modes.
• Input Sanitization: Hardened CLI argument parsing and enhanced output terminal guards.

Core Library

• Thread Configuration: Centralized ZXC_MAX_THREADS (1024) and synchronized limits across the codebase.
• Memory Safety: Patched potential out-of-bounds access points and refined scratch buffer management.

CI

• Fuzzing: Optimized buffer API and memory reuse for automated fuzzing integration.

---

Full Changelog: v0.8.1...v0.8.2

ZXC v0.8.1

Release Notes

This is a pure packaging patch release for Linux/Debian maintainers.

Changes

• Fix: Bumped SOVERSION to 1 in CMakeLists.txt to correctly reflect the ABI changes introduced in v0.8.0. Ensures the generated shared library is named libzxc.so.1, allowing co-installability with older versions (libzxc.so.0) without silently breaking existing dynamically linked software.

There are no functional or API changes in this release compared to v0.8.0.

---

Full Changelog: v0.8.0...v0.8.1

ZXC v0.8.0

Release Notes

This release brings significant improvements to the ZXC ecosystem, focusing on security, performance, cross-language support, and comprehensive documentation.

Breaking Changes (Format Version 5)

• Format V5: Implemented an LZ offset bias (+1) at the format level to eliminate potential zero-offset attack vectors.
• Checksums: Header checksums now use Marsaglia xorshift algorithm.

Performance Improvements

The new LZ77 hashing strategy and hash table configuration optimizations (#106) yield significant performance gains across different architectures, especially for higher compression levels.

Highlights:

• Compression Speed: Massive improvements for levels 3 to 5, showing 33% to 43% faster compression speeds on both x86_64 and ARM64 architectures.
• Decompression Speed: Notable improvements for faster levels (1 and 2), with up to 10-18% speedup on x86_64 and ~8-10% on ARM64.
• Compression Ratio: Ratios are maintained or slightly improved, meaning these speed gains come at no cost to compression size.

Changes

Performance & Refactoring

• Hashing Optimization: Optimized the LZ77 hashing strategy and standardized hash table configuration for improved compression efficiency (#106).
• Enhanced Error Handling: Refactored error handling with robust error codes. The Python wrapper now exposes these C error constants to provide enhanced and native error reporting (#103, #111).
• Dual-Scale Chunk Size Implementation: The ZXC_BLOCK_SIZE is no longer limited to 1 MB. The ZXC file format now formally supports block sizes up to 8 MB. Introduced a Most Significant Bit (MSB) dual-scale flag in Chunk Size Code.
  Fine Scale (MSB=0): Uses a 4 KB multiplier, enabling block sizes from 4 KB to 508 KB.
  Large Scale (MSB=1): Uses a 64 KB multiplier, unlocking block sizes from 64 KB up to 8 MB.
• CLI: Adds multiple file processing mode. Introduces the -m or --multiple CLI option, enabling the processing of several input files in a single command. Each file is handled independently, with output filenames automatically derived from the input (e.g., file.txt compresses to file.txt.xc, file.txt.xc decompresses to file.txt).
• CLI: Adds recursive directory processing mode. Introduces the -r or --recursive CLI option, enabling the processing of all regular files within specified directories and their subdirectories.

Security & Stability

• Zero-Offset Attack Prevention: Implemented an LZ offset bias (+1) at the format level to eliminate potential zero-offset attack vectors (#104).
• Memory Safety: Fixed potential buffer overflows, decoder underflows, and path handling edge cases (#105).
• Code Quality: Enforced strict const correctness for local variables to ensure better compile-time safety (#110).
• CLI: Fixes benchmark deadline calculation. Explicitly casts when calculating compression and decompression benchmark deadlines.
• CLI: Refactors path handling for robustness (#119). Addresses compatibility issues arising from reliance on PATH_MAX fixed-size buffers.
• Migrates internal path manipulation in validation and directory processing to use dynamic memory allocation with realpath(NULL), strdup, and malloc. This ensures adaptability to varying path lengths and improves compatibility on systems where PATH_MAX may be undefined or insufficient, such as GNU/Hurd.
• Adds CI support for Alpha architecture (#122)

Wrappers

• Node.js Support: Introduced a brand-new Node.js wrapper for zxc compression, expanding our language ecosystem (#107).
• Python: Closes file handles in stream tests (#115). Prevents potential resource leaks by guaranteeing cleanup via a finally block, regardless of test success or failure.

Documentation & Ecosystem

• Format Specification: Published a comprehensive ZXC file format specification featuring byte-level structures and a worked hexdump example.
• MAN: Provides comprehensive documentation for the zxc command-line interface man.
• Added vcpkg installation instructions, refined the introduction, and added a TL;DR and new package badges to the README.

---

Full Changelog: v0.7.3...v0.8.0

ZXC v0.7.3

Release Notes

This release fix the vcpkg integration by moves the rapidhash.h header file to a dedicated vendor directory to improve project structure and dependency management.

This change ensures better organization of external libraries and avoids potential naming conflicts. It also updates related build configurations, code analysis workflows, and coverage settings to reflect the new file location.

Changes

• Moves rapidhash.h to vendors directory #101
• Finds rapidhash via system or vendored fallback #102

---

Full Changelog: v0.7.2...v0.7.3

ZXC v0.7.2

Release Notes

This release fix a minor warning when zxc is build with ZXC_NATIVE_ARCH option to ON onto x86 architectures.

Bug Fixes & Safety

• Fix warning for AVX2/AVX512 macro redefinition in native mode build #94

---

Full Changelog: v0.7.1...v0.7.2

ZXC v0.7.1

Release Notes

This release focuses on hardening the decompression engine with safety checks and fix build for vcpkg port

Bug Fixes & Safety

• Fixes potential out-of-bounds read in decompression in #92
• CMake: specifies release config for /O2 flag

---

Full Changelog: v0.7.0...v0.7.1

ZXC v0.7.0

Release Notes

This release brings first-class big-endian architecture support, a new machine-readable JSON output mode for the CLI, and targeted safety fixes, making ZXC more portable, scriptable, and robust across platforms.

Changes

Big-Endian Architecture Support

ZXC now correctly compresses and decompresses data on big-endian systems. This is a foundational portability milestone.

• Endianness Detection: Compile-time detection with byte-swap macros for 16, 32, and 64-bit values integrated into all read/store functions.
• Multi-Architecture CI: New multiarch.yml workflow with tiered architecture support via QEMU emulation:
  Tier 1: Core architectures
  Tier 2: Extended Linux architectures
  Tier 3: Experimental and old architectures
• API Update: zxc_compress_bound and zxc_get_decompressed_size now return uint64_t instead of size_t to prevent overflow on platforms with smaller size_t.
• Wrapper Updates: Rust and Python wrappers updated with correct type casts for the new return types.

JSON Output for CLI

The CLI now supports structured JSON output for seamless integration with scripts and pipelines.

• New Flags: --json / -j produce machine-readable JSON for all info commands.
• Supported Commands: list, benchmark, and test (integrity check) all emit JSON output.
• Comprehensive Tests: New CLI test suite covering single/multiple files, valid/corrupt scenarios.

Bug Fixes & Safety

• Fix Out-of-Bounds Read (#89): Added branchless bounds check in zxc_le_partial to prevent potential buffer overflow when n > sizeof(uint64_t). Resolves -Wstringop-overflow compiler warnings on GCC.
• ClusterFuzzLite Compatibility: Workaround for Docker 29+ API incompatibility with ClusterFuzzLite v1 (temporary Docker downgrade in CI).

---

Full Changelog: v0.6.3...v0.7.0