hdf5.git - Mirror from: https://github.com/HDFGroup/hdf5.git

diff options

author	Egbert Eich <eich@suse.com>	2022-12-07 22:14:40 (GMT)
committer	GitHub <noreply@github.com>	2022-12-07 22:14:40 (GMT)
commit	0b4e9cf976438f0a6df7719518d1b1bb96c2caca (patch)
tree	095e99093ab9f914e6b0fb03d156fae18293d8bc /src/H5Omodule.h
parent	dcccc355261e305a1d877a798d7fd46556b3cbce (diff)
download	hdf5-0b4e9cf976438f0a6df7719518d1b1bb96c2caca.zip hdf5-0b4e9cf976438f0a6df7719518d1b1bb96c2caca.tar.gz hdf5-0b4e9cf976438f0a6df7719518d1b1bb96c2caca.tar.bz2

Compound datatypes may not have members of size 0 (#2243)

* Compound datatypes may not have members of size 0 A member size of 0 may lead to an FPE later on as reported in CVE-2021-46244. To avoid this, check for this as soon as the member is decoded. This should probably be done in H5O_dtype_decode_helper() already, however it is not clear whether all sizes are expected to be != 0. This fixes CVE-2021-46244 / Bug #2242. Signed-off-by: Egbert Eich <eich@suse.com> * Rework error recovery code in H5O__dtype_decode_helper() and H5O__dtype_decode(). * Format changes for src/H5Odtype.c. Signed-off-by: Egbert Eich <eich@suse.com> Co-authored-by: Neil Fortner <nfortne2@hdfgroup.org> Co-authored-by: Larry Knox <lrknox@hdfgroup.org>

Diffstat (limited to 'src/H5Omodule.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: