diff options
author | Binh-Minh Ribler <bmribler@hdfgroup.org> | 2019-01-07 03:42:16 (GMT) |
---|---|---|
committer | Binh-Minh Ribler <bmribler@hdfgroup.org> | 2019-01-07 03:42:16 (GMT) |
commit | 820d8e34c5845f85690a4d65ca31b21fdcfd23cf (patch) | |
tree | a9cf62ad69d068f0cbd6c1c615d6cd6843cca749 | |
parent | aa62951a5fbbffa88185a58aea2b7526f5e66ce6 (diff) | |
download | hdf5-820d8e34c5845f85690a4d65ca31b21fdcfd23cf.zip hdf5-820d8e34c5845f85690a4d65ca31b21fdcfd23cf.tar.gz hdf5-820d8e34c5845f85690a4d65ca31b21fdcfd23cf.tar.bz2 |
Updated per review
Description:
HDFFV-10676 - CVE-2018-13873
Changed the new assert to if statement, per Dana's comment.
Platforms tested:
Linux/64 (jelly)
-rw-r--r-- | src/H5Ocache.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/H5Ocache.c b/src/H5Ocache.c index 034048f..34277d1 100644 --- a/src/H5Ocache.c +++ b/src/H5Ocache.c @@ -1404,7 +1404,8 @@ H5O__chunk_deserialize(H5O_t *oh, haddr_t addr, size_t len, const uint8_t *image if((flags & H5O_MSG_FLAG_WAS_UNKNOWN) && !(flags & H5O_MSG_FLAG_MARK_IF_UNKNOWN)) HGOTO_ERROR(H5E_OHDR, H5E_CANTLOAD, FAIL, "bad flag combination for message") - HDassert(id < NELMTS(H5O_msg_class_g)); + if(id >= NELMTS(H5O_msg_class_g)) + HGOTO_ERROR(H5E_OHDR, H5E_CANTLOAD, FAIL, "invalid type of current message") if((flags & H5O_MSG_FLAG_SHAREABLE) && H5O_msg_class_g[id] && !(H5O_msg_class_g[id]->share_flags & H5O_SHARE_IS_SHARABLE)) |