authorLarry Knox <lrknox@hdfgroup.org>2022-04-01 19:19:43 (GMT)
committerGitHub <noreply@github.com>2022-04-01 19:19:43 (GMT)
commit210e0d91d158ea80e6d76d5656b2b467d0d1a9e6 (patch)
tree3b6cf0aaf9163158c22b36f092819c206383c9f3
parentf280d68e851015fed9db6b56dee05414c8f08921 (diff)
downloadhdf5-210e0d91d158ea80e6d76d5656b2b467d0d1a9e6.zip
hdf5-210e0d91d158ea80e6d76d5656b2b467d0d1a9e6.tar.gz
hdf5-210e0d91d158ea80e6d76d5656b2b467d0d1a9e6.tar.bz2
October 2021 Pull Requests not previously merged to 1.12 (#1570)
-rw-r--r--fortran/test/tH5A.F904
-rw-r--r--release_docs/RELEASE.txt149
-rw-r--r--tools/test/h5repack/CMakeTests.cmake4
-rw-r--r--tools/test/h5repack/h5repack.sh.in17
4 files changed, 109 insertions, 65 deletions
diff --git a/fortran/test/tH5A.F90 b/fortran/test/tH5A.F90
index 4d56bed..d5ce9a2 100644
--- a/fortran/test/tH5A.F90
+++ b/fortran/test/tH5A.F90
@@ -408,13 +408,13 @@ CONTAINS
!open the INTEGER attrbute by name
!
CALL h5aopen_name_f(dset_id, aname5, attr5_id, error)
- CALL check("h5aopen_idx_f",error,total_error)
+ CALL check("h5aopen_name_f",error,total_error)
!
!open the NULL attrbute by name
!
CALL h5aopen_name_f(dset_id, aname6, attr6_id, error)
- CALL check("h5aopen_idx_f",error,total_error)
+ CALL check("h5aopen_name_f",error,total_error)
!
!get the attrbute name
diff --git a/release_docs/RELEASE.txt b/release_docs/RELEASE.txt
index 8acbcd0..8e269bf 100644
--- a/release_docs/RELEASE.txt
+++ b/release_docs/RELEASE.txt
@@ -101,7 +101,13 @@ New Features
that default ON/enabled.
Add configure options (autotools - CMake):
- enable-hltools HDF5_BUILD_HL_TOOLS
+ --enable-hltools HDF5_BUILD_HL_TOOLS
+
+ Disabling this option prevents building the gif tool which
+ contains the following CVEs:
+ HDFFV-10592 CVE-2018-17433
+ HDFFV-10593 CVE-2018-17436
+ HDFFV-11048 CVE-2020-10809
(ADB - 2021/09/16, HDFFV-11266)
@@ -347,6 +353,14 @@ Bug Fixes since HDF5-1.12.1 release
(DER - 2021/08/12, HDFFV-11053)
+ - Fixed a segmentation fault
+
+ A segmentation fault occurred with a Mathworks corrupted file.
+
+ A detection of accessing a null pointer was added to prevent the problem.
+
+ (BMR - 2021/02/19, HDFFV-11150)
+
- H5Pset_fapl_log() no longer crashes when passed an invalid fapl ID
When passed an invalid fapl ID, H5Pset_fapl_log() would usually
@@ -372,6 +386,17 @@ Bug Fixes since HDF5-1.12.1 release
(DER - 2021/04/27, HDFFV-11239)
+ - Fixed CVE-2018-17432
+
+ The tool h5repack produced a segfault on a corrupted file which had
+ invalid rank for scalar or NULL datatype.
+
+ The problem was fixed in HDF5 1.12.1 by modifying the dataspace encode
+ and decode functions to detect and report invalid rank. h5repack now
+ fails with an error message for the corrupted file.
+
+ (BMR - 2020/10/26, HDFFV-10590)
+
Java Library
------------
@@ -472,8 +497,8 @@ Bug Fixes since HDF5-1.12.1 release
-
-Supported Platforms
-===================
+ Supported Platforms
+ ===================
Linux 2.6.32-696.16.1.el6.ppc64 gcc (GCC) 4.4.7 20120313 (Red Hat 4.4.7-18)
#1 SMP ppc64 GNU/Linux g++ (GCC) 4.4.7 20120313 (Red Hat 4.4.7-18)
@@ -483,11 +508,11 @@ Supported Platforms
Linux 3.10.0-327.10.1.el7 GNU C (gcc), Fortran (gfortran), C++ (g++)
#1 SMP x86_64 GNU/Linux compilers:
- (kituo/moohan) Version 4.8.5 20150623 (Red Hat 4.8.5-4)
+ (kituo/moohan) Version 4.8.5 20150623 (Red Hat 4.8.5-4)
Version 4.9.3, 5.2.0, 7.1.0
Intel(R) C (icc), C++ (icpc), Fortran (icc)
compilers:
- Version 17.0.0.098 Build 20160721
+ Version 17.0.0.098 Build 20160721
MPICH 3.1.4
Linux-3.10.0- spectrum-mpi/rolling-release with cmake>3.10 and
@@ -517,7 +542,7 @@ Supported Platforms
SunOS 5.11 32- and 64-bit Sun C 5.12 SunOS_sparc
(emu) Sun Fortran 95 8.6 SunOS_sparc
Sun C++ 5.12 SunOS_sparc
-
+
Windows 10 x64 Visual Studio 2015 w/ Intel Fortran 18 (cmake)
Visual Studio 2017 w/ Intel Fortran 19 (cmake)
Visual Studio 2019 w/ Intel Fortran 19 (cmake)
@@ -554,7 +579,7 @@ Tested Configuration Features Summary
<blank> = testing incomplete on this feature or platform
Platform C F90/ F90 C++ zlib SZIP
- parallel F2003 parallel
+ parallel F2003 parallel
Solaris2.11 32-bit n y/y n y y y
Solaris2.11 64-bit n y/n n y y y
Windows 10 y y/y n y y y
@@ -572,7 +597,7 @@ Linux 2.6.32-573.18.1.el6.ppc64 n y/n n y y y
Platform Shared Shared Shared Thread-
- C libs F90 libs C++ libs safe
+ C libs F90 libs C++ libs safe
Solaris2.11 32-bit y y y y
Solaris2.11 64-bit y y y y
Windows 10 y y y y
@@ -596,56 +621,56 @@ More Tested Platforms
=====================
The following platforms are not supported but have been tested for this release.
- Linux 2.6.32-573.22.1.el6 GNU C (gcc), Fortran (gfortran), C++ (g++)
- #1 SMP x86_64 GNU/Linux compilers:
- (mayll/platypus) Version 4.4.7 20120313
- Version 4.9.3, 5.3.0, 6.2.0
- PGI C, Fortran, C++ for 64-bit target on
- x86-64;
- Version 17.10-0
- Intel(R) C (icc), C++ (icpc), Fortran (icc)
- compilers:
- Version 17.0.4.196 Build 20170411
- MPICH 3.1.4 compiled with GCC 4.9.3
-
- Linux 3.10.0-327.18.2.el7 GNU C (gcc) and C++ (g++) compilers
- #1 SMP x86_64 GNU/Linux Version 4.8.5 20150623 (Red Hat 4.8.5-4)
- (jelly) with NAG Fortran Compiler Release 6.1(Tozai)
- GCC Version 7.1.0
- OpenMPI 3.0.0-GCC-7.2.0-2.29
- Intel(R) C (icc) and C++ (icpc) compilers
- Version 17.0.0.098 Build 20160721
- with NAG Fortran Compiler Release 6.1(Tozai)
- PGI C (pgcc), C++ (pgc++), Fortran (pgf90)
- compilers:
- Version 18.4, 19.4
- MPICH 3.3
- OpenMPI 2.1.5, 3.1.3, 4.0.0
-
-
- Fedora33 5.11.18-200.fc33.x86_64
- #1 SMP x86_64 GNU/Linux GNU gcc (GCC) 10.3.1 20210422 (Red Hat 10.3.1-1)
- GNU Fortran (GCC) 10.3.1 20210422 (Red Hat 10.3.1-1)
- clang version 11.0.0 (Fedora 11.0.0-2.fc33)
- (cmake and autotools)
-
- Ubuntu20.04 5.8.0-53-generic-x86_64
- #60~20.04-Ubuntu SMP x86_64 GNU/Linux GNU gcc (GCC) 9.3.0-17ubuntu1
- GNU Fortran (GCC) 9.3.0-17ubuntu1
- clang version 10.0.0-4ubuntu1
- (cmake and autotools)
-
- Ubuntu20.10 5.8.0-53-generic-x86_64
- #60-Ubuntu SMP x86_64 GNU/Linux GNU gcc (GCC) 10.2.0-13ubuntu1
- GNU Fortran (GCC) 10.2.0-13ubuntu1
- Ubuntu clang version 11.0.0-2
- (cmake and autotools)
-
- SUSE15sp2 5.3.18-22-default
- #1 SMP x86_64 GNU/Linux GNU gcc (SUSE Linux) 7.5.0
- GNU Fortran (SUSE Linux) 7.5.0
- clang version 7.0.1 (tags/RELEASE_701/final 349238)
- (cmake and autotools)
+Linux 2.6.32-573.22.1.el6 GNU C (gcc), Fortran (gfortran), C++ (g++)
+#1 SMP x86_64 GNU/Linux compilers:
+(mayll/platypus) Version 4.4.7 20120313
+ Version 4.9.3, 5.3.0, 6.2.0
+ PGI C, Fortran, C++ for 64-bit target on
+ x86-64;
+ Version 17.10-0
+ Intel(R) C (icc), C++ (icpc), Fortran (icc)
+ compilers:
+ Version 17.0.4.196 Build 20170411
+ MPICH 3.1.4 compiled with GCC 4.9.3
+
+Linux 3.10.0-327.18.2.el7 GNU C (gcc) and C++ (g++) compilers
+#1 SMP x86_64 GNU/Linux Version 4.8.5 20150623 (Red Hat 4.8.5-4)
+(jelly) with NAG Fortran Compiler Release 6.1(Tozai)
+ GCC Version 7.1.0
+ OpenMPI 3.0.0-GCC-7.2.0-2.29
+ Intel(R) C (icc) and C++ (icpc) compilers
+ Version 17.0.0.098 Build 20160721
+ with NAG Fortran Compiler Release 6.1(Tozai)
+ PGI C (pgcc), C++ (pgc++), Fortran (pgf90)
+ compilers:
+ Version 18.4, 19.4
+ MPICH 3.3
+ OpenMPI 2.1.5, 3.1.3, 4.0.0
+
+
+Fedora33 5.11.18-200.fc33.x86_64
+#1 SMP x86_64 GNU/Linux GNU gcc (GCC) 10.3.1 20210422 (Red Hat 10.3.1-1)
+ GNU Fortran (GCC) 10.3.1 20210422 (Red Hat 10.3.1-1)
+ clang version 11.0.0 (Fedora 11.0.0-2.fc33)
+ (cmake and autotools)
+
+Ubuntu20.04 5.8.0-53-generic-x86_64
+#60~20.04-Ubuntu SMP x86_64 GNU/Linux GNU gcc (GCC) 9.3.0-17ubuntu1
+ GNU Fortran (GCC) 9.3.0-17ubuntu1
+ clang version 10.0.0-4ubuntu1
+ (cmake and autotools)
+
+Ubuntu20.10 5.8.0-53-generic-x86_64
+#60-Ubuntu SMP x86_64 GNU/Linux GNU gcc (GCC) 10.2.0-13ubuntu1
+ GNU Fortran (GCC) 10.2.0-13ubuntu1
+ Ubuntu clang version 11.0.0-2
+ (cmake and autotools)
+
+SUSE15sp2 5.3.18-22-default
+#1 SMP x86_64 GNU/Linux GNU gcc (SUSE Linux) 7.5.0
+ GNU Fortran (SUSE Linux) 7.5.0
+ clang version 7.0.1 (tags/RELEASE_701/final 349238)
+ (cmake and autotools)
Known Problems
@@ -716,3 +741,11 @@ The share folder will have the most differences because CMake builds include
a number of CMake specific files for support of CMake's find_package and support
for the HDF5 Examples CMake project.
+The issues with the gif tool are:
+HDFFV-10592 CVE-2018-17433
+HDFFV-10593 CVE-2018-17436
+HDFFV-11048 CVE-2020-10809
+These CVE issues have not yet been addressed and can be avoided by not building
+the gif tool. Disable building the High-Level tools with these options:
+autotools: --disable-hltools
+cmake: HDF5_BUILD_HL_TOOLS=OFF
diff --git a/tools/test/h5repack/CMakeTests.cmake b/tools/test/h5repack/CMakeTests.cmake
index 6e9cdf7..09648ff 100644
--- a/tools/test/h5repack/CMakeTests.cmake
+++ b/tools/test/h5repack/CMakeTests.cmake
@@ -1552,12 +1552,12 @@
ADD_H5_TEST (HDFFV-7840 "TEST" h5diff_attr1.h5)
# test CVE-2018-17432 fix
- set (arg h5repack_CVE-2018-17432.h5 h5repack__CVE-2018-17432_out.h5 --low=1 --high=2 -f GZIP=8 -l dset1:CHUNK=5x6)
+ set (arg h5repack_CVE-2018-17432.h5 --low=1 --high=2 -f GZIP=8 -l dset1:CHUNK=5x6)
set (TESTTYPE "TEST")
ADD_H5_FILTER_TEST (HDFFV-10590 "" ${TESTTYPE} 1 ${arg})
# test CVE-2018-14460 fix
- set (arg h5repack_CVE-2018-14460.h5 h5repack_CVE-2018-14460_out.h5)
+ set (arg h5repack_CVE-2018-14460.h5)
set (TESTTYPE "TEST")
ADD_H5_FILTER_TEST (HDFFV-11223 "" ${TESTTYPE} 1 ${arg})
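Review bot: Both CVE regression tests in this hunk pass `1` as the expected result to ADD_H5_FILTER_TEST, but nothing visible here shows whether a crash of h5repack on the corrupted input would be told apart from a clean error exit. The macro is defined outside the hunk, so this is a question rather than a finding: if it accepts any non-zero status (or inverts the result), a reintroduced segfault could still be reported as a pass, which is the case the shell harness in this same commit now rejects. It would help to state the intent next to each test, for example `# expected result 1: h5repack must report an error and exit, not crash, on the corrupted file`, and to confirm that the macro compares against the exact exit code. The output file name is no longer in `arg`, so the macro presumably derives it from the input name; that is also worth a short comment.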
diff --git a/tools/test/h5repack/h5repack.sh.in b/tools/test/h5repack/h5repack.sh.in
index 3756a95..1e54670 100644
--- a/tools/test/h5repack/h5repack.sh.in
+++ b/tools/test/h5repack/h5repack.sh.in
@@ -885,13 +885,24 @@ TOOLTEST_FAIL()
(
cd $TESTDIR
$ENVCMD $RUNSERIAL $H5REPACK_BIN "$@" $infile $outfile
- ) >$actual
+ ) >&$actual
RET=$?
- if [ $RET == 0 ] ; then
+
+ # Normally h5repack of files tested with this function are expected
+ # to return not 0, but if the command results in "Segmentation fault"
+ # or "core dumped" it is a failure regardless of the return value.
+ failure=`grep -e 'Segmentation fault' -e 'core dumped' $actual`
+ if [ "$failure" != "" ]; then
nerrors="`expr $nerrors + 1`"
echo " FAILED"
+ echo " $failure"
else
- echo " PASSED"
+ if [ $RET == 0 ] ; then
+ nerrors="`expr $nerrors + 1`"
+ echo " FAILED"
+ else
+ echo " PASSED"
+ fi
fi
rm -f $outfile
}
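Review bot: The new crash check in TOOLTEST_FAIL depends on the strings "Segmentation fault" or "core dumped" reaching `$actual`, which rests on the invoking shell's wording and on that message landing in the redirected stream; a death by another signal (abort, bus error) or a wrapper in `$RUNSERIAL` that reports it differently would still count as PASSED because RET is non-zero. Checking the exit status as well closes that gap, since shells report signal deaths as values above 128: `if [ "$failure" != "" ] || [ $RET -gt 128 ]; then`. The redirection `) >&$actual` is a bash/csh form and is not portable when the script runs under a plain POSIX sh; `) >"$actual" 2>&1` does the same thing portably and also quotes the file name, and `grep` should read `"$actual"` for the same reason. The function begins before this hunk, so the way `$actual`, `$infile` and `$outfile` are set is not visible here.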