diff options
author | Dana Robinson <43805+derobins@users.noreply.github.com> | 2023-04-14 22:17:24 (GMT) |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-04-14 22:17:24 (GMT) |
commit | f9c16de8a7f50afd6f5ef14df68074552388dae6 (patch) | |
tree | 6a1277c0ddfcda8f2ac09c26cc5889fda4fd8b25 /release_docs/RELEASE.txt | |
parent | 88257af73ddb814665f077d840c19dd928c5f440 (diff) | |
download | hdf5-f9c16de8a7f50afd6f5ef14df68074552388dae6.zip hdf5-f9c16de8a7f50afd6f5ef14df68074552388dae6.tar.gz hdf5-f9c16de8a7f50afd6f5ef14df68074552388dae6.tar.bz2 |
Fix memory leaks when processing OH cont messages (#2723)
Malformed object header continuation messages can result in a too-small
buffer being passed to the decode function, which could lead to reading
past the end of the buffer. Additionally, errors in processing these
malformed messages can lead to allocated memory not being cleaned up.
This fix adds bounds checking and cleanup code to the object header
continuation message processing.
Fixes #2604
Diffstat (limited to 'release_docs/RELEASE.txt')
-rw-r--r-- | release_docs/RELEASE.txt | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/release_docs/RELEASE.txt b/release_docs/RELEASE.txt index 63f5a36..7e53322 100644 --- a/release_docs/RELEASE.txt +++ b/release_docs/RELEASE.txt @@ -151,6 +151,18 @@ Bug Fixes since HDF5-1.14.0 release =================================== Library ------- + - Fixed memory leaks when processing malformed object header continuation messages + + Malformed object header continuation messages can result in a too-small + buffer being passed to the decode function, which could lead to reading + past the end of the buffer. Additionally, errors in processing these + malformed messages can lead to allocated memory not being cleaned up. + + This fix adds bounds checking and cleanup code to the object header + continuation message processing. + + (DER - 2023/04/13 GH-2604) + - Fixed memory leaks, aborts, and overflows in H5O EFL decode The external file list code could call assert(), read past buffer @@ -196,7 +208,8 @@ Bug Fixes since HDF5-1.14.0 release - Fixed potential heap buffer overrun in group info header decoding from malformed file - H5O__ginfo_decode could sometimes read past allocated memory when parsing a group info message from the header of a malformed file. + H5O__ginfo_decode could sometimes read past allocated memory when parsing a + group info message from the header of a malformed file. It now checks buffer size before each read to properly throw an error in these cases. |