markly 0.7.0 → 0.8.1

data/ext/markly/autolink.c

@@ -2,6 +2,7 @@
 #include <parser.h>
 #include <string.h>
 #include <utf8.h>
+#include <stddef.h>
 
 #if defined(_WIN32)
 #define strncasecmp _strnicmp
@@ -35,44 +36,25 @@ static int sd_autolink_issafe(const uint8_t *link, size_t link_len) {
 }
 
 static size_t autolink_delim(uint8_t *data, size_t link_end) {
-  uint8_t cclose, copen;
   size_t i;
+  size_t closing = 0;
+  size_t opening = 0;
 
-  for (i = 0; i < link_end; ++i)
-    if (data[i] == '<') {
+  for (i = 0; i < link_end; ++i) {
+    const uint8_t c = data[i];
+    if (c == '<') {
       link_end = i;
       break;
+    } else if (c == '(') {
+      opening++;
+    } else if (c == ')') {
+      closing++;
     }
+  }
 
   while (link_end > 0) {
-    cclose = data[link_end - 1];
-
-    switch (cclose) {
+    switch (data[link_end - 1]) {
     case ')':
-      copen = '(';
-      break;
-    default:
-      copen = 0;
-    }
-
-    if (strchr("?!.,:*_~'\"", data[link_end - 1]) != NULL)
-      link_end--;
-
-    else if (data[link_end - 1] == ';') {
-      size_t new_end = link_end - 2;
-
-      while (new_end > 0 && cmark_isalpha(data[new_end]))
-        new_end--;
-
-      if (new_end < link_end - 2 && data[new_end] == '&')
-        link_end = new_end;
-      else
-        link_end--;
-    } else if (copen != 0) {
-      size_t closing = 0;
-      size_t opening = 0;
-      i = 0;
-
       /* Allow any number of matching brackets (as recognised in copen/cclose)
        * at the end of the URL.  If there is a greater number of closing
        * brackets than opening ones, we remove one character from the end of
@@ -80,34 +62,52 @@ static size_t autolink_delim(uint8_t *data, size_t link_end) {
        *
        * Examples (input text => output linked portion):
        *
-       *	http://www.pokemon.com/Pikachu_(Electric)
-       *		=> http://www.pokemon.com/Pikachu_(Electric)
+       *        http://www.pokemon.com/Pikachu_(Electric)
+       *                => http://www.pokemon.com/Pikachu_(Electric)
        *
-       *	http://www.pokemon.com/Pikachu_((Electric)
-       *		=> http://www.pokemon.com/Pikachu_((Electric)
+       *        http://www.pokemon.com/Pikachu_((Electric)
+       *                => http://www.pokemon.com/Pikachu_((Electric)
        *
-       *	http://www.pokemon.com/Pikachu_(Electric))
-       *		=> http://www.pokemon.com/Pikachu_(Electric)
+       *        http://www.pokemon.com/Pikachu_(Electric))
+       *                => http://www.pokemon.com/Pikachu_(Electric)
        *
-       *	http://www.pokemon.com/Pikachu_((Electric))
-       *		=> http://www.pokemon.com/Pikachu_((Electric))
+       *        http://www.pokemon.com/Pikachu_((Electric))
+       *                => http://www.pokemon.com/Pikachu_((Electric))
        */
-
-      while (i < link_end) {
-        if (data[i] == copen)
-          opening++;
-        else if (data[i] == cclose)
-          closing++;
-
-        i++;
+      if (closing <= opening) {
+        return link_end;
       }
+      closing--;
+      link_end--;
+      break;
+    case '?':
+    case '!':
+    case '.':
+    case ',':
+    case ':':
+    case '*':
+    case '_':
+    case '~':
+    case '\'':
+    case '"':
+      link_end--;
+      break;
+    case ';': {
+      size_t new_end = link_end - 2;
 
-      if (closing <= opening)
-        break;
+      while (new_end > 0 && cmark_isalpha(data[new_end]))
+        new_end--;
 
-      link_end--;
-    } else
+      if (new_end < link_end - 2 && data[new_end] == '&')
+        link_end = new_end;
+      else
+        link_end--;
       break;
+    }
+
+    default:
+      return link_end;
+    }
   }
 
   return link_end;
@@ -116,7 +116,20 @@ static size_t autolink_delim(uint8_t *data, size_t link_end) {
 static size_t check_domain(uint8_t *data, size_t size, int allow_short) {
   size_t i, np = 0, uscore1 = 0, uscore2 = 0;
 
+  /* The purpose of this code is to reject urls that contain an underscore
+   * in one of the last two segments. Examples:
+   *
+   *   www.xxx.yyy.zzz     autolinked
+   *   www.xxx.yyy._zzz    not autolinked
+   *   www.xxx._yyy.zzz    not autolinked
+   *   www._xxx.yyy.zzz    autolinked
+   *
+   * The reason is that domain names are allowed to include underscores,
+   * but host names are not. See: https://stackoverflow.com/a/2183140
+   */
   for (i = 1; i < size - 1; i++) {
+    if (data[i] == '\\' && i < size - 2)
+      i++;
     if (data[i] == '_')
       uscore2++;
     else if (data[i] == '.') {
@@ -127,8 +140,17 @@ static size_t check_domain(uint8_t *data, size_t size, int allow_short) {
       break;
   }
 
-  if (uscore1 > 0 || uscore2 > 0)
-    return 0;
+  if (uscore1 > 0 || uscore2 > 0) {
+    /* If the url is very long then accept it despite the underscores,
+     * to avoid quadratic behavior causing a denial of service. See:
+     * https://github.com/github/cmark-gfm/security/advisories/GHSA-29g3-96g3-jg6c
+     * Reasonable urls are unlikely to have more than 10 segments, so
+     * this extra condition shouldn't have any impact on normal usage.
+     */
+    if (np <= 10) {
+      return 0;
+    }
+  }
 
   if (allow_short) {
     /* We don't need a valid domain in the strict sense (with
@@ -165,7 +187,7 @@ static cmark_node *www_match(cmark_parser *parser, cmark_node *parent,
   if (link_end == 0)
     return NULL;
 
-  while (link_end < size && !cmark_isspace(data[link_end]))
+  while (link_end < size && !cmark_isspace(data[link_end]) && data[link_end] != '<')
     link_end++;
 
   link_end = autolink_delim(data, link_end);
@@ -225,7 +247,7 @@ static cmark_node *url_match(cmark_parser *parser, cmark_node *parent,
     return 0;
 
   link_end += domain_len;
-  while (link_end < size && !cmark_isspace(data[link_end]))
+  while (link_end < size && !cmark_isspace(data[link_end]) && data[link_end] != '<')
     link_end++;
 
   link_end = autolink_delim(data, link_end);
@@ -245,6 +267,11 @@ static cmark_node *url_match(cmark_parser *parser, cmark_node *parent,
   cmark_node *text = cmark_node_new_with_mem(CMARK_NODE_TEXT, parser->mem);
   text->as.literal = url;
   cmark_node_append_child(node, text);
+  
+  node->start_line = text->start_line = node->end_line = text->end_line = cmark_inline_parser_get_line(inline_parser);
+
+  node->start_column = text->start_column = max_rewind - rewind;
+  node->end_column = text->end_column = cmark_inline_parser_get_column(inline_parser) - 1;
 
   return node;
 }
@@ -269,111 +296,167 @@ static cmark_node *match(cmark_syntax_extension *ext, cmark_parser *parser,
   // inline was finished in inlines.c.
 }
 
-static void postprocess_text(cmark_parser *parser, cmark_node *text, int offset, int depth) {
-  // postprocess_text can recurse very deeply if there is a very long line of
-  // '@' only.  Stop at a reasonable depth to ensure it cannot crash.
-  if (depth > 1000) return;
+static bool validate_protocol(const char protocol[], uint8_t *data, size_t rewind, size_t max_rewind) {
+  size_t len = strlen(protocol);
 
-  size_t link_end;
-  uint8_t *data = text->as.literal.data,
-    *at;
-  size_t size = text->as.literal.len;
-  int rewind, max_rewind,
-      nb = 0, np = 0, ns = 0;
+  if (len > (max_rewind - rewind)) {
+    return false;
+  }
 
-  if (offset < 0 || (size_t)offset >= size)
-    return;
+  // Check that the protocol matches
+  if (memcmp(data - rewind - len, protocol, len) != 0) {
+    return false;
+  }
 
-  data += offset;
-  size -= offset;
+  if (len == (max_rewind - rewind)) {
+    return true;
+  }
 
-  at = (uint8_t *)memchr(data, '@', size);
-  if (!at)
-    return;
+  char prev_char = data[-((ptrdiff_t)rewind) - len - 1];
 
-  max_rewind = (int)(at - data);
-  data += max_rewind;
-  size -= max_rewind;
+  // Make sure the character before the protocol is non-alphanumeric
+  return !cmark_isalnum(prev_char);
+}
 
-  for (rewind = 0; rewind < max_rewind; ++rewind) {
-    uint8_t c = data[-rewind - 1];
+static void postprocess_text(cmark_parser *parser, cmark_node *text) {
+  size_t start = 0;
+  size_t offset = 0;
+  // `text` is going to be split into a list of nodes containing shorter segments
+  // of text, so we detach the memory buffer from text and use `cmark_chunk_dup` to
+  // create references to it. Later, `cmark_chunk_to_cstr` is used to convert
+  // the references into allocated buffers. The detached buffer is freed before we
+  // return.
+  cmark_chunk detached_chunk = text->as.literal;
+  text->as.literal = cmark_chunk_dup(&detached_chunk, 0, detached_chunk.len);
+
+  uint8_t *data = text->as.literal.data;
+  size_t remaining = text->as.literal.len;
+
+  while (true) {
+    size_t link_end;
+    uint8_t *at;
+    bool auto_mailto = true;
+    bool is_xmpp = false;
+    size_t rewind;
+    size_t max_rewind;
+    size_t np = 0;
+
+    if (offset >= remaining)
+      break;
 
-    if (cmark_isalnum(c))
-      continue;
+    at = (uint8_t *)memchr(data + start + offset, '@', remaining - offset);
+    if (!at)
+      break;
 
-    if (strchr(".+-_", c) != NULL)
-      continue;
+    max_rewind = at - (data + start + offset);
 
-    if (c == '/')
-      ns++;
+found_at:
+    for (rewind = 0; rewind < max_rewind; ++rewind) {
+      uint8_t c = data[start + offset + max_rewind - rewind - 1];
 
-    break;
-  }
+      if (cmark_isalnum(c))
+        continue;
 
-  if (rewind == 0 || ns > 0) {
-    postprocess_text(parser, text, max_rewind + 1 + offset, depth + 1);
-    return;
-  }
+      if (strchr(".+-_", c) != NULL)
+        continue;
 
-  for (link_end = 0; link_end < size; ++link_end) {
-    uint8_t c = data[link_end];
+      if (strchr(":", c) != NULL) {
+        if (validate_protocol("mailto:", data + start + offset + max_rewind, rewind, max_rewind)) {
+          auto_mailto = false;
+          continue;
+        }
 
-    if (cmark_isalnum(c))
-      continue;
+        if (validate_protocol("xmpp:", data + start + offset + max_rewind, rewind, max_rewind)) {
+          auto_mailto = false;
+          is_xmpp = true;
+          continue;
+        }
+      }
 
-    if (c == '@')
-      nb++;
-    else if (c == '.' && link_end < size - 1 && cmark_isalnum(data[link_end + 1]))
-      np++;
-    else if (c != '-' && c != '_')
       break;
-  }
+    }
 
-  if (link_end < 2 || nb != 1 || np == 0 ||
-      (!cmark_isalpha(data[link_end - 1]) && data[link_end - 1] != '.')) {
-    postprocess_text(parser, text, max_rewind + 1 + offset, depth + 1);
-    return;
-  }
+    if (rewind == 0) {
+      offset += max_rewind + 1;
+      continue;
+    }
 
-  link_end = autolink_delim(data, link_end);
+    assert(data[start + offset + max_rewind] == '@');
+    for (link_end = 1; link_end < remaining - offset - max_rewind; ++link_end) {
+      uint8_t c = data[start + offset + max_rewind + link_end];
+
+      if (cmark_isalnum(c))
+        continue;
+
+      if (c == '@') {
+        // Found another '@', so go back and try again with an updated offset and max_rewind.
+        offset += max_rewind + 1;
+        max_rewind = link_end - 1;
+        goto found_at;
+      } else if (c == '.' && link_end < remaining - offset - max_rewind - 1 &&
+               cmark_isalnum(data[start + offset + max_rewind + link_end + 1]))
+        np++;
+      else if (c == '/' && is_xmpp)
+        continue;
+      else if (c != '-' && c != '_')
+        break;
+    }
 
-  if (link_end == 0) {
-    postprocess_text(parser, text, max_rewind + 1 + offset, depth + 1);
-    return;
-  }
+    if (link_end < 2 || np == 0 ||
+        (!cmark_isalpha(data[start + offset + max_rewind + link_end - 1]) &&
+         data[start + offset + max_rewind + link_end - 1] != '.')) {
+      offset += max_rewind + link_end;
+      continue;
+    }
 
-  cmark_chunk_to_cstr(parser->mem, &text->as.literal);
+    link_end = autolink_delim(data + start + offset + max_rewind, link_end);
 
-  cmark_node *link_node = cmark_node_new_with_mem(CMARK_NODE_LINK, parser->mem);
-  cmark_strbuf buf;
-  cmark_strbuf_init(parser->mem, &buf, 10);
-  cmark_strbuf_puts(&buf, "mailto:");
-  cmark_strbuf_put(&buf, data - rewind, (bufsize_t)(link_end + rewind));
-  link_node->as.link.url = cmark_chunk_buf_detach(&buf);
-
-  cmark_node *link_text = cmark_node_new_with_mem(CMARK_NODE_TEXT, parser->mem);
-  cmark_chunk email = cmark_chunk_dup(
-      &text->as.literal,
-      offset + max_rewind - rewind,
+    if (link_end == 0) {
+      offset += max_rewind + 1;
+      continue;
+    }
+
+    cmark_node *link_node = cmark_node_new_with_mem(CMARK_NODE_LINK, parser->mem);
+    cmark_strbuf buf;
+    cmark_strbuf_init(parser->mem, &buf, 10);
+    if (auto_mailto)
+      cmark_strbuf_puts(&buf, "mailto:");
+    cmark_strbuf_put(&buf, data + start + offset + max_rewind - rewind, (bufsize_t)(link_end + rewind));
+    link_node->as.link.url = cmark_chunk_buf_detach(&buf);
+
+    cmark_node *link_text = cmark_node_new_with_mem(CMARK_NODE_TEXT, parser->mem);
+    cmark_chunk email = cmark_chunk_dup(
+      &detached_chunk,
+      (bufsize_t)(start + offset + max_rewind - rewind),
       (bufsize_t)(link_end + rewind));
-  cmark_chunk_to_cstr(parser->mem, &email);
-  link_text->as.literal = email;
-  cmark_node_append_child(link_node, link_text);
+    cmark_chunk_to_cstr(parser->mem, &email);
+    link_text->as.literal = email;
+    cmark_node_append_child(link_node, link_text);
 
-  cmark_node_insert_after(text, link_node);
+    cmark_node_insert_after(text, link_node);
 
-  cmark_node *post = cmark_node_new_with_mem(CMARK_NODE_TEXT, parser->mem);
-  post->as.literal = cmark_chunk_dup(&text->as.literal,
-    (bufsize_t)(offset + max_rewind + link_end),
-    (bufsize_t)(size - link_end));
-  cmark_chunk_to_cstr(parser->mem, &post->as.literal);
+    cmark_node *post = cmark_node_new_with_mem(CMARK_NODE_TEXT, parser->mem);
+    post->as.literal = cmark_chunk_dup(&detached_chunk,
+                                       (bufsize_t)(start + offset + max_rewind + link_end),
+                                       (bufsize_t)(remaining - offset - max_rewind - link_end));
 
-  cmark_node_insert_after(link_node, post);
+    cmark_node_insert_after(link_node, post);
 
-  text->as.literal.len = offset + max_rewind - rewind;
-  text->as.literal.data[text->as.literal.len] = 0;
+    text->as.literal = cmark_chunk_dup(&detached_chunk, (bufsize_t)start, (bufsize_t)(offset + max_rewind - rewind));
+    cmark_chunk_to_cstr(parser->mem, &text->as.literal);
+
+    text = post;
+    start += offset + max_rewind + link_end;
+    remaining -= offset + max_rewind + link_end;
+    offset = 0;
+  }
+
+  // Convert the reference to allocated memory.
+  assert(!text->as.literal.alloc);
+  cmark_chunk_to_cstr(parser->mem, &text->as.literal);
 
-  postprocess_text(parser, post, 0, depth + 1);
+  // Free the detached buffer.
+  cmark_chunk_free(parser->mem, &detached_chunk);
 }
 
 static cmark_node *postprocess(cmark_syntax_extension *ext, cmark_parser *parser, cmark_node *root) {
@@ -400,7 +483,7 @@ static cmark_node *postprocess(cmark_syntax_extension *ext, cmark_parser *parser
     }
 
     if (ev == CMARK_EVENT_ENTER && node->type == CMARK_NODE_TEXT) {
-      postprocess_text(parser, node, 0, /*depth*/0);
+      postprocess_text(parser, node);
     }
   }
 

data/ext/markly/blocks.c

@@ -8,6 +8,7 @@
 #include <stdlib.h>
 #include <assert.h>
 #include <stdio.h>
+#include <limits.h>
 
 #include "cmark_ctype.h"
 #include "syntax_extension.h"
@@ -26,6 +27,14 @@
 #define CODE_INDENT 4
 #define TAB_STOP 4
 
+/**
+ * Very deeply nested lists can cause quadratic performance issues.
+ * This constant is used in open_new_blocks() to limit the nesting
+ * depth. It is unlikely that a non-contrived markdown document will
+ * be nested this deeply.
+ */
+#define MAX_LIST_DEPTH 100
+
 #ifndef MIN
 #define MIN(x, y) ((x < y) ? x : y)
 #endif
@@ -639,6 +648,14 @@ static cmark_node *finalize_document(cmark_parser *parser) {
   }
 
   finalize(parser, parser->root);
+
+  // Limit total size of extra content created from reference links to
+  // document size to avoid superlinear growth. Always allow 100KB.
+  if (parser->total_size > 100000)
+    parser->refmap->max_ref_size = parser->total_size;
+  else
+    parser->refmap->max_ref_size = 100000;
+
   process_inlines(parser, parser->refmap, parser->options);
   if (parser->options & CMARK_OPT_FOOTNOTES)
     process_footnotes(parser);
@@ -698,6 +715,11 @@ static void S_parser_feed(cmark_parser *parser, const unsigned char *buffer,
   const unsigned char *end = buffer + len;
   static const uint8_t repl[] = {239, 191, 189};
 
+  if (len > UINT_MAX - parser->total_size)
+    parser->total_size = UINT_MAX;
+  else
+    parser->total_size += len;
+
   if (parser->last_buffer_ended_with_cr && *buffer == '\n') {
     // skip NL if last buffer ended with CR ; see #117
     buffer++;
@@ -1105,10 +1127,11 @@ static void open_new_blocks(cmark_parser *parser, cmark_node **container,
   bool has_content;
   int save_offset;
   int save_column;
+  size_t depth = 0;
 
   while (cont_type != CMARK_NODE_CODE_BLOCK &&
          cont_type != CMARK_NODE_HTML_BLOCK) {
-
+    depth++;
     S_find_first_nonspace(parser, input);
     indented = parser->indent >= CODE_INDENT;
 
@@ -1197,12 +1220,13 @@ static void open_new_blocks(cmark_parser *parser, cmark_node **container,
                parser->options & CMARK_OPT_FOOTNOTES &&
                (matched = scan_footnote_definition(input, parser->first_nonspace))) {
       cmark_chunk c = cmark_chunk_dup(input, parser->first_nonspace + 2, matched - 2);
-      cmark_chunk_to_cstr(parser->mem, &c);
 
       while (c.data[c.len - 1] != ']')
         --c.len;
       --c.len;
 
+      cmark_chunk_to_cstr(parser->mem, &c);
+
       S_advance_offset(parser, input, parser->first_nonspace + matched - parser->offset, false);
       *container = add_child(parser, *container, CMARK_NODE_FOOTNOTE_DEFINITION, parser->first_nonspace + matched + 1);
       (*container)->as.literal = c;
@@ -1210,6 +1234,7 @@ static void open_new_blocks(cmark_parser *parser, cmark_node **container,
       (*container)->internal_offset = matched;
     } else if ((!indented || cont_type == CMARK_NODE_LIST) &&
 	       parser->indent < 4 &&
+               depth < MAX_LIST_DEPTH &&
                (matched = parse_list_marker(
                     parser->mem, input, parser->first_nonspace,
                     (*container)->type == CMARK_NODE_PARAGRAPH, &data))) {

data/ext/markly/cmark-gfm-core-extensions.h

@@ -6,45 +6,45 @@ extern "C" {
 #endif
 
 #include "cmark-gfm-extension_api.h"
-#include "cmark-gfm-extensions_export.h"
-#include "config.h" // for bool
+#include "cmark-gfm_export.h"
+#include <stdbool.h>
 #include <stdint.h>
 
-CMARK_GFM_EXTENSIONS_EXPORT
+CMARK_GFM_EXPORT
 void cmark_gfm_core_extensions_ensure_registered(void);
 
-CMARK_GFM_EXTENSIONS_EXPORT
+CMARK_GFM_EXPORT
 uint16_t cmark_gfm_extensions_get_table_columns(cmark_node *node);
 
 /** Sets the number of columns for the table, returning 1 on success and 0 on error.
  */
-CMARK_GFM_EXTENSIONS_EXPORT
+CMARK_GFM_EXPORT
 int cmark_gfm_extensions_set_table_columns(cmark_node *node, uint16_t n_columns);
 
-CMARK_GFM_EXTENSIONS_EXPORT
+CMARK_GFM_EXPORT
 uint8_t *cmark_gfm_extensions_get_table_alignments(cmark_node *node);
 
 /** Sets the alignments for the table, returning 1 on success and 0 on error.
  */
-CMARK_GFM_EXTENSIONS_EXPORT
+CMARK_GFM_EXPORT
 int cmark_gfm_extensions_set_table_alignments(cmark_node *node, uint16_t ncols, uint8_t *alignments);
 
-CMARK_GFM_EXTENSIONS_EXPORT
+CMARK_GFM_EXPORT
 int cmark_gfm_extensions_get_table_row_is_header(cmark_node *node);
 
 /** Sets whether the node is a table header row, returning 1 on success and 0 on error.
  */
-CMARK_GFM_EXTENSIONS_EXPORT
+CMARK_GFM_EXPORT
 int cmark_gfm_extensions_set_table_row_is_header(cmark_node *node, int is_header);
 
-CMARK_GFM_EXTENSIONS_EXPORT
+CMARK_GFM_EXPORT
 bool cmark_gfm_extensions_get_tasklist_item_checked(cmark_node *node);
 /* For backwards compatibility */
 #define cmark_gfm_extensions_tasklist_is_checked cmark_gfm_extensions_get_tasklist_item_checked
 
 /** Sets whether a tasklist item is "checked" (completed), returning 1 on success and 0 on error.
  */
-CMARK_GFM_EXTENSIONS_EXPORT
+CMARK_GFM_EXPORT
 int cmark_gfm_extensions_set_tasklist_item_checked(cmark_node *node, bool is_checked);
 
 #ifdef __cplusplus

data/ext/markly/cmark-gfm-extension_api.h

@@ -114,6 +114,7 @@ typedef struct delimiter {
   struct delimiter *previous;
   struct delimiter *next;
   cmark_node *inl_text;
+  bufsize_t position;
   bufsize_t length;
   unsigned char delim_char;
   int can_open;

data/ext/markly/cmark-gfm.h

@@ -111,13 +111,13 @@ typedef struct cmark_mem {
  * realloc and free.
  */
 CMARK_GFM_EXPORT
-cmark_mem *cmark_get_default_mem_allocator();
+cmark_mem *cmark_get_default_mem_allocator(void);
 
 /** An arena allocator; uses system calloc to allocate large
  * slabs of memory.  Memory in these slabs is not reused at all.
  */
 CMARK_GFM_EXPORT
-cmark_mem *cmark_get_arena_mem_allocator();
+cmark_mem *cmark_get_arena_mem_allocator(void);
 
 /** Resets the arena allocator, quickly returning all used memory
  * to the operating system.
@@ -225,6 +225,11 @@ CMARK_GFM_EXPORT cmark_node *cmark_node_first_child(cmark_node *node);
  */
 CMARK_GFM_EXPORT cmark_node *cmark_node_last_child(cmark_node *node);
 
+/** Returns the footnote reference of 'node', or NULL if 'node' doesn't have a
+ * footnote reference.
+ */
+CMARK_GFM_EXPORT cmark_node *cmark_node_parent_footnote_def(cmark_node *node);
+
 /**
  * ## Iterator
  *
@@ -408,6 +413,17 @@ CMARK_GFM_EXPORT int cmark_node_get_list_tight(cmark_node *node);
  */
 CMARK_GFM_EXPORT int cmark_node_set_list_tight(cmark_node *node, int tight);
 
+/**
+ * Returns item index of 'node'. This is only used when rendering output
+ * formats such as commonmark, which need to output the index. It is not
+ * required for formats such as html or latex.
+ */
+CMARK_GFM_EXPORT int cmark_node_get_item_index(cmark_node *node);
+
+/** Sets item index of 'node'. Returns 1 on success, 0 on failure.
+ */
+CMARK_GFM_EXPORT int cmark_node_set_item_index(cmark_node *node, int idx);
+
 /** Returns the info string from a fenced code block.
  */
 CMARK_GFM_EXPORT const char *cmark_node_get_fence_info(cmark_node *node);