summaryrefslogtreecommitdiffstats
path: root/src/H5Pdapl.c
diff options
context:
space:
mode:
authorBinh-Minh Ribler <bmribler@hdfgroup.org>2019-01-15 17:48:31 (GMT)
committerBinh-Minh Ribler <bmribler@hdfgroup.org>2019-01-15 17:48:31 (GMT)
commitbc3d878add940845a2ec5b8873f2d45a00926ce8 (patch)
tree2d021b79914677ebe82be9f57e41351f1cf8835a /src/H5Pdapl.c
parent90d13bef33f9e2e80b23996a0c39f16f7c34ecf8 (diff)
downloadhdf5-bc3d878add940845a2ec5b8873f2d45a00926ce8.zip
hdf5-bc3d878add940845a2ec5b8873f2d45a00926ce8.tar.gz
hdf5-bc3d878add940845a2ec5b8873f2d45a00926ce8.tar.bz2
Fixed HDFFV-10586 and HDFFV-10588
Description: HDFFV-10586 CVE-2018-17434 Divide by zero inh5repack_filters Added a check for zero value HDFFV-10588 CVE-2018-17437 Memory leak in H5O_dtype_decode_helper This is actually an Invalid read issue. It was found that the attribute name length in an attribute message was corrupted, which caused the buffer pointer to be advanced too far and later caused an invalid read. Added a check to detect attribute name and its length mismatch. The fix is not perfect, but it'll reduce the chance of this issue when a name length is corrupted or the attribute name is corrupted. Platforms tested: Linux/64 (jelly) Linux/64 (platypus) Darwin (osx1010test)
Diffstat (limited to 'src/H5Pdapl.c')
0 files changed, 0 insertions, 0 deletions