hdf5.git - Mirror from: https://github.com/HDFGroup/hdf5.git

diff options

author	Egbert Eich <eich@suse.com>	2023-03-02 17:17:49 (GMT)
committer	GitHub <noreply@github.com>	2023-03-02 17:17:49 (GMT)
commit	b16ec83d4bd79f9ffaad85de16056419f3532887 (patch)
tree	a8d04d51a806c1f0a0c52485ff8dc60c487ddc14 /.github
parent	877e4a67c5440f801e9faccf4ca1a451c89eae59 (diff)
download	hdf5-b16ec83d4bd79f9ffaad85de16056419f3532887.zip hdf5-b16ec83d4bd79f9ffaad85de16056419f3532887.tar.gz hdf5-b16ec83d4bd79f9ffaad85de16056419f3532887.tar.bz2

Check for overflow when calculating on-disk attribute data size (#2459)

* Remove duplicate code Signed-off-by: Egbert Eich <eich@suse.com> * Add test case for CVE-2021-37501 Bogus sizes in this test case causes the on-disk data size calculation in H5O__attr_decode() to overflow so that the calculated size becomes 0. This causes the read to overflow and h5dump to segfault. This test case was crafted, the test file was not directly generated by HDF5. Test case from: https://github.com/ST4RF4LL/Something_Found/blob/main/HDF5_v1.13.0_h5dump_heap_overflow.md

Diffstat (limited to '.github')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: