author: jhendersonHDF <jhenderson@hdfgroup.org> 2023-04-15 00:23:25 (GMT)
committer: GitHub <noreply@github.com> 2023-04-15 00:23:25 (GMT)
commit: 6ac41d8415a87e7d248b99cadb6b0dbe63567557 (patch)
tree: efc422605aa29b26d5a8ec8d4130e66e93406625 /release_docs
parent: c23b3482214e3844b05bb4fd377558b3a4d2f1b9 (diff)
H5O__pline_decode() Make more resilient to out-of-bounds read (#2210) (#2734)
Malformed hdf5 files may have truncated content which does not match the expected size. When this function attempts to decode these it may read past the end of the allocated space leading to heap overflows as bounds checking is incomplete. Make sure each element is within bounds before reading. This fixes CVE-2019-8396 / HDFFV-10712 / github bug #2209.
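The "check each element is within bounds before reading" pattern named in the commit message, as an added example that is not part of this commit or of the HDF5 source. The message layout, the helper names and the sample bytes are assumptions made for illustration (a simplified filter list, not HDF5's exact on-disk format).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Cursor over an untrusted buffer; `end` is one past the last valid byte. */
typedef struct { const uint8_t *p, *end; } cursor_t;

/* Every read or skip goes through this check, so no access can pass `end`. */
static int have(const cursor_t *c, size_t n) { return (size_t)(c->end - c->p) >= n; }

static int get_u8(cursor_t *c, uint8_t *out) {
    if (!have(c, 1)) return -1;
    *out = *c->p++;
    return 0;
}

static int get_u16le(cursor_t *c, uint16_t *out) {
    if (!have(c, 2)) return -1;
    *out = (uint16_t)(c->p[0] | (c->p[1] << 8));
    c->p += 2;
    return 0;
}

static int skip(cursor_t *c, size_t n) {
    if (!have(c, n)) return -1;
    c->p += n;
    return 0;
}

/* Hypothetical layout: version(1) nfilters(1), then per filter:
 * id(2) name_len(2) flags(2) cd_nelmts(2) name[name_len] cd[cd_nelmts*4].
 * Returns the number of filters decoded, or -1 if the buffer is truncated. */
int decode_pipeline(const uint8_t *buf, size_t len) {
    cursor_t c = { buf, buf + len };
    uint8_t version, nfilters;
    if (get_u8(&c, &version) || get_u8(&c, &nfilters)) return -1;
    for (unsigned i = 0; i < nfilters; i++) {
        uint16_t id, name_len, flags, cd_nelmts;
        if (get_u16le(&c, &id) || get_u16le(&c, &name_len) ||
            get_u16le(&c, &flags) || get_u16le(&c, &cd_nelmts)) return -1;
        /* Lengths come from the file: validate them against the bytes left. */
        if (skip(&c, name_len) || skip(&c, (size_t)cd_nelmts * 4)) return -1;
    }
    return (int)nfilters;
}

/* Constructed sample: one filter, 4-byte name, one 4-byte client value. */
static const uint8_t sample[] = {1,1, 1,0, 4,0, 0,0, 1,0, 'd','e','f','l', 5,0,0,0};

int main(void) {
    printf("%d %d\n", decode_pipeline(sample, sizeof sample), decode_pipeline(sample, 12));
    return 0;
}
```

Passing a shortened length for the same bytes models a truncated file: the declared name length no longer fits in the remaining bytes and decoding stops with an error instead of reading on.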
Diffstat (limited to 'release_docs')
-rw-r--r-- release_docs/RELEASE.txt 10
1 files changed, 10 insertions, 0 deletions
diff --git a/release_docs/RELEASE.txt b/release_docs/RELEASE.txt
index a8b1dc7..2dfbfc2 100644
--- a/release_docs/RELEASE.txt
+++ b/release_docs/RELEASE.txt
@@ -118,6 +118,16 @@ Bug Fixes since HDF5-1.10.10 release
===================================
Library
-------
+ - Fix for CVE-2019-8396
+
+ Malformed HDF5 files may have truncated content which does not match
+ the expected size. When H5O__pline_decode() attempts to decode these it
+ may read past the end of the allocated space leading to heap overflows
+ as bounds checking is incomplete.
+
+ The fix ensures each element is within bounds before reading.
+
+ (2023/04/13 - HDFFV-10712, CVE-2019-8396, GitHub #2209)
- Memory leak
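Review bot: the new entry describes a read past the end of the allocated space as leading to "heap overflows"; because the defect is a read, "heap buffer over-read" or "out-of-bounds read" (the wording used in the commit title) would be more precise and would help users triage the CVE correctly. The sentence "The fix ensures each element is within bounds before reading." could also say what a caller sees when a truncated file is opened after the fix, for example that decoding now fails with an error, since that is the behaviour change users will notice. The reference line is dated 2023/04/13 while the commit is dated 2023-04-15; worth confirming which date the release notes should carry.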