summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDana Robinson <43805+derobins@users.noreply.github.com>2023-10-16 17:20:18 (GMT)
committerGitHub <noreply@github.com>2023-10-16 17:20:18 (GMT)
commit85507981000e5d68788a3ff00f66adb1b0aca842 (patch)
treedf63b6dba2e4e5073927ac2e96231e60269c02fa
parentccb1a917b6e68bc51a6a4e3d6783edfa056b01bf (diff)
downloadhdf5-85507981000e5d68788a3ff00f66adb1b0aca842.zip
hdf5-85507981000e5d68788a3ff00f66adb1b0aca842.tar.gz
hdf5-85507981000e5d68788a3ff00f66adb1b0aca842.tar.bz2
Fix invalid memory access in S3 comms (#3681)
In the ros3 VFD, passing an empty string parameter to an internal API call could result in accessing the -1th element of a string. This would cause failures on big-endian systems like s390x. This parameter is now checked before writing to the string. Fixes GitHub #1168
-rw-r--r--src/H5FDs3comms.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/src/H5FDs3comms.c b/src/H5FDs3comms.c
index 58fc435..dae1149 100644
--- a/src/H5FDs3comms.c
+++ b/src/H5FDs3comms.c
@@ -1713,7 +1713,8 @@ H5FD_s3comms_aws_canonical_request(char *canonical_request_dest, int _cr_size, c
} /* end while node is not NULL */
/* remove trailing ';' from signed headers sequence */
- signed_headers_dest[strlen(signed_headers_dest) - 1] = '\0';
+ if (*signed_headers_dest != '\0')
+ signed_headers_dest[strlen(signed_headers_dest) - 1] = '\0';
/* append signed headers and payload hash
* NOTE: at present, no HTTP body is handled, per the nature of