Bayan shekaru uku na ci gaba, an fitar da GNU cflow 1.7 mai amfani, wanda aka tsara don gina hoto na gani na kiran aiki a cikin shirye-shiryen C, wanda za'a iya amfani dashi don sauƙaƙe nazarin dabarun aikace-aikacen. An gina jadawali ne kawai bisa nazarin rubutun tushe, ba tare da buƙatar aiwatar da shirin ba. Ana tallafawa ƙirƙira duka biyun gaba da baya na zane-zanen aiwatarwa, da kuma ƙirƙira jerin abubuwan da ke nuni ga fayilolin lamba.
Sakin sananne ne don aiwatar da goyan bayan tsarin fitarwa na “dige” ('—tsara = digo') don samar da sakamako a cikin yaren DOT don hangen nesa na gaba a cikin fakitin Graphviz. Ƙara ikon tantance ayyukan farawa da yawa ta hanyar kwafin zaɓuɓɓukan ''-babban''; za a ƙirƙira wani jadawali daban don kowane ɗayan waɗannan ayyukan. Har ila yau, an ƙara shi ne zaɓin "-target=FUNCTION", wanda ke ba ka damar iyakance jadawali da aka samu zuwa reshe kawai wanda ya ƙunshi wasu ayyuka (za'a iya ƙayyade zaɓin "--target" sau da yawa). An ƙara sabbin umarni don kewayawa jadawali zuwa yanayin cflow: “c” - je zuwa aikin kira, “n” - je zuwa aiki na gaba a matakin da aka ba da kuma “p” - je zuwa aikin da ya gabata tare da iri ɗaya. matakin gurbi.
Sabuwar sigar ta kuma kawar da lahani guda biyu waɗanda aka gano a baya a cikin 2019 kuma suna haifar da ɓarna a ƙwaƙwalwar ajiya lokacin sarrafa rubutun tushe na musamman a cikin cflow. Rashin lahani na farko (CVE-2019-16165) yana faruwa ta hanyar samun damar ƙwaƙwalwar ajiya mara amfani a cikin lambar fassar (aikin magana a cikin parser.c). Rashin lahani na biyu (CVE-2019-16166) yana da alaƙa da buffer ambaliya a cikin aikin nexttoken (). A cewar masu haɓakawa, waɗannan matsalolin ba su haifar da barazanar tsaro ba, tun da sun iyakance ga ƙarancin ƙarewar amfani.
source: budenet.ru