summaryrefslogtreecommitdiffstats
path: root/COPYING_LBNL_HDF5
diff options
context:
space:
mode:
authorEgbert Eich <eich@suse.de>2022-11-09 18:25:11 (GMT)
committerGitHub <noreply@github.com>2022-11-09 18:25:11 (GMT)
commit18c438bdf0be8ad98f968bb77b327d7a3f17a3f5 (patch)
tree25bb66ad54786a0fe6c680850cff403debad6ae5 /COPYING_LBNL_HDF5
parentadc467992e30c89d731b70f1daf789e7385dce42 (diff)
downloadhdf5-18c438bdf0be8ad98f968bb77b327d7a3f17a3f5.zip
hdf5-18c438bdf0be8ad98f968bb77b327d7a3f17a3f5.tar.gz
hdf5-18c438bdf0be8ad98f968bb77b327d7a3f17a3f5.tar.bz2
H5O__pline_decode() Make more resilient to out-of-bounds read (#2210)
Malformed hdf5 files may have trunkated content which does not match the expected size. When this function attempts to decode these it may read past the end of the allocated space leading to heap overflows as bounds checking is incomplete. Make sure each element is within bounds before reading. This fixes CVE-2019-8396 / HDFFV-10712 / github bug #2209. Signed-off-by: Egbert Eich <eich@suse.com> Signed-off-by: Egbert Eich <eich@suse.com>
Diffstat (limited to 'COPYING_LBNL_HDF5')
0 files changed, 0 insertions, 0 deletions