diff options
author | bmribler <39579120+bmribler@users.noreply.github.com> | 2021-03-04 03:48:01 (GMT) |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-03-04 03:48:01 (GMT) |
commit | 7b23ce1686cf3383bb8666f133cf5fa4f6282096 (patch) | |
tree | c47e6c1524a3d2fd59138337f4210f4a2d615b21 /java/src/jni/h5lImp.h | |
parent | e65814bf8eda709b27a60fe3e396a22e4bc34864 (diff) | |
download | hdf5-7b23ce1686cf3383bb8666f133cf5fa4f6282096.zip hdf5-7b23ce1686cf3383bb8666f133cf5fa4f6282096.tar.gz hdf5-7b23ce1686cf3383bb8666f133cf5fa4f6282096.tar.bz2 |
Fixed HDFFV-10480 (CVE-2018-11206) and HDFFV-11159 (CVE-2018-14033) (#417)
* Fixed HDFFV-10480 (CVE-2018-11206) and HDFFV-11159 (CVE-2018-14033)
Description
Checked against buffer size to prevent segfault, in case of data corruption.
+ HDFFV-11159 CVE-2018-14033 Buffer over-read in H5O_layout_decode
+ HDFFV-10480 CVE-2018-11206 Buffer over-read in H5O_fill_new[/old]_decode and
A user's patch was applied to this previously, but it is redone
for a more correct fix, that is the check now accounted for the
previous advance of the buffer pointer.
Platforms tested:
Linux/64 (jelly)
* Fixed format issues with clang formatter.
Diffstat (limited to 'java/src/jni/h5lImp.h')
0 files changed, 0 insertions, 0 deletions