diff options
| author | Larry Knox <lrknox@hdfgroup.org> | 2023-04-04 17:36:27 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-04-04 17:36:27 (GMT) |
| commit | 37a8e3024e1be71325b752d3001a02389f60434c (patch) | |
| tree | 282156b2c42f7b75ff01643d16e20e9b45894ac2 /release_docs | |
| parent | 101210c16ee978f51a9effcc56813f00c16cb1cd (diff) | |
| download | hdf5-37a8e3024e1be71325b752d3001a02389f60434c.zip hdf5-37a8e3024e1be71325b752d3001a02389f60434c.tar.gz hdf5-37a8e3024e1be71325b752d3001a02389f60434c.tar.bz2 | |
Minor cherry-pick merges to 1.14 (#2582)
* Enclose MESG in do...while loop (#2576)
Enclose MSG macro in a do...while loop
* Add a clang-format comment about permissions (#2577)
* Remove an obsolete comment from the MDS test (#2578)
The seed is now broadcast from rank 0, so the warning about multiple
machines having different seeds is unnecessary.
* Subfiling VFD - fix issues with I/O concentrator selection strategies (#2571)
Fix multiple bugs with the SELECT_IOC_EVERY_NTH_RANK and
SELECT_IOC_TOTAL I/O concentrator selection strategies and add a
regression test for them
* Check for overflow when calculating on-disk attribute data size (#2459)
* Remove duplicate code
Signed-off-by: Egbert Eich <eich@suse.com>
* Add test case for CVE-2021-37501
Bogus sizes in this test case causes the on-disk data size
calculation in H5O__attr_decode() to overflow so that the
calculated size becomes 0. This causes the read to overflow
and h5dump to segfault.
This test case was crafted, the test file was not directly
generated by HDF5.
Test case from:
https://github.com/ST4RF4LL/Something_Found/blob/main/HDF5_v1.13.0_h5dump_heap_overflow.md
---------
Co-authored-by: glennsong09 <43005495+glennsong09@users.noreply.github.com>
Co-authored-by: Dana Robinson <43805+derobins@users.noreply.github.com>
Co-authored-by: jhendersonHDF <jhenderson@hdfgroup.org>
Co-authored-by: Egbert Eich <eich@suse.com>
Diffstat (limited to 'release_docs')
| -rw-r--r-- | release_docs/RELEASE.txt | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/release_docs/RELEASE.txt b/release_docs/RELEASE.txt index 1a90c23..5dfcf52 100644 --- a/release_docs/RELEASE.txt +++ b/release_docs/RELEASE.txt @@ -146,6 +146,26 @@ Bug Fixes since HDF5-1.14.0 release =================================== Library ------- + - Fixed issues in the Subfiling VFD when using the SELECT_IOC_EVERY_NTH_RANK + or SELECT_IOC_TOTAL I/O concentrator selection strategies + + Multiple bugs involving these I/O concentrator selection strategies + were fixed, including: + + * A bug that caused the selection strategy to be altered when + criteria for the strategy was specified in the + H5FD_SUBFILING_IOC_SELECTION_CRITERIA environment variable as + a single value, rather than in the old and undocumented + 'integer:integer' format + * Two bugs which caused a request for 'N' I/O concentrators to + result in 'N - 1' I/O concentrators being assigned, which also + lead to issues if only 1 I/O concentrator was requested + + Also added a regression test for these two I/O concentrator selection + strategies to prevent future issues. + + (JTH - 2023/03/15) + - Fixed a memory corruption issue that can occur when reading from a dataset using a hyperslab selection in the file dataspace and a point selection in the memory dataspace @@ -195,6 +215,19 @@ Bug Fixes since HDF5-1.14.0 release (JTH - 2023/02/16, GH #2433) + - Fix CVE-2021-37501 / GHSA-rfgw-5vq3-wrjf + + Check for overflow when calculating on-disk attribute data size. + + A bogus hdf5 file may contain dataspace messages with sizes + which lead to the on-disk data sizes to exceed what is addressable. + When calculating the size, make sure, the multiplication does not + overflow. + The test case was crafted in a way that the overflow caused the + size to be 0. + + (EFE - 2023/02/11 GH-2458) + Java Library ------------ |