Merge branch 'master' into small-fixes

3 files changed, 9 insertions, 2 deletions

diff --git a/.gitignore b/.gitignore
index e885c6c..55a30d3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -7,3 +7,4 @@ hoedown.exp
 hoedown.lib
 smartypants
 libhoedown.so*
+.DS_Store
diff --git a/README.md b/README.md
index e367cb4..e34d23c 100644
--- a/README.md
+++ b/README.md
@@ -32,10 +32,14 @@ Features
 
 	`Hoedown` has been extensively security audited, and includes protection against
 	all possible DOS attacks (stack overflows, out of memory situations, malformed
-	Markdown syntax...) and against client attacks through malicious embedded HTML.
+	Markdown syntax...).
 
 	We've worked very hard to make `Hoedown` never leak or crash under *any* input.
 
+	**Warning**: `Hoedown` doesn't validate or post-process the HTML in Markdown documents.
+	Unless you use `HTML_ESCAPE` or `HTML_SKIP`, you should strongly consider using a
+	good post-processor in conjunction with Hoedown to prevent client-side attacks.
+
 *	**Customizable renderers**
 
 	`Hoedown` is not stuck with XHTML output: the Markdown parser of the library
@@ -95,4 +99,6 @@ Just typing `make` will build `Hoedown` into a dynamic library and create the `h
 and `smartypants` executables, which are command-line tools to render Markdown to HTML
 and perform SmartyPants, respectively.
 
+If you are using [CocoaPods](http://cocoapods.org), just add the line `pod 'hoedown'` to your Podfile and call `pod install`.
+
 Or, if you prefer, you can just throw the files at `src` into your project.
diff --git a/src/document.c b/src/document.c
index cb1b9ab..ec7e45d 100644
--- a/src/document.c
+++ b/src/document.c
@@ -1356,7 +1356,7 @@ is_codefence(uint8_t *data, size_t size, size_t *width, uint8_t *chr)
 }
 
 /* expects single line, checks if it's a codefence and extracts language */
-static int
+static size_t
 parse_codefence(uint8_t *data, size_t size, hoedown_buffer *lang, size_t *width, uint8_t *chr)
 {
 	size_t i, w, lang_start;