diff options
| author | Vailin Choi <vchoi@jam.ad.hdfgroup.org> | 2020-02-21 18:27:01 (GMT) |
|---|---|---|
| committer | Vailin Choi <vchoi@jam.ad.hdfgroup.org> | 2020-02-21 18:32:18 (GMT) |
| commit | 6cb3afb86c7dc7179af3cf4b5973edcd7baaffb0 (patch) | |
| tree | 24369c951e938fa90beb1c90cf10eb95172c5984 /src/H5Shyper.c | |
| parent | ec0c67ef3ee89b56b4e082fd703d3a71042fcd18 (diff) | |
| download | hdf5-6cb3afb86c7dc7179af3cf4b5973edcd7baaffb0.zip hdf5-6cb3afb86c7dc7179af3cf4b5973edcd7baaffb0.tar.gz hdf5-6cb3afb86c7dc7179af3cf4b5973edcd7baaffb0.tar.bz2 | |
FIx issues when deserializing hyperslab/point selection with version beyond the library's supported version:
(1) Verify the decoded version before proceeding further with deserialization
(2) Close the dataspace if errors occurred after opening the dataspace
Diffstat (limited to 'src/H5Shyper.c')
| -rw-r--r-- | src/H5Shyper.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/src/H5Shyper.c b/src/H5Shyper.c index 09d450f..af37b81 100644 --- a/src/H5Shyper.c +++ b/src/H5Shyper.c @@ -2120,7 +2120,7 @@ H5S_hyper_serialize (const H5S_t *space, uint8_t *buf) /* Store the preamble information */ UINT32ENCODE(buf, (uint32_t)H5S_GET_SELECT_TYPE(space)); /* Store the type of selection */ - UINT32ENCODE(buf, (uint32_t)1); /* Store the version number */ + UINT32ENCODE(buf, (uint32_t)H5S_HYPER_VERSION_1); /* Store the version number */ UINT32ENCODE(buf, (uint32_t)0); /* Store the un-used padding */ lenp = buf; /* keep the pointer to the length location for later */ buf += 4; /* skip over space for length */ @@ -2265,8 +2265,10 @@ H5S_hyper_deserialize (H5S_t *space, const uint8_t *buf) hsize_t *tstride=NULL; /* temporary hyperslab pointers */ hsize_t *tcount=NULL; /* temporary hyperslab pointers */ hsize_t *tblock=NULL; /* temporary hyperslab pointers */ - unsigned i,j; /* local counting variables */ - herr_t ret_value=FAIL; /* return value */ + unsigned i,j; /* local counting variables */ + uint32_t version; /* decoded version */ + uint8_t *p; /* temporary pointer to buf */ + herr_t ret_value=FAIL; /* return value */ FUNC_ENTER_NOAPI(FAIL) @@ -2274,6 +2276,13 @@ H5S_hyper_deserialize (H5S_t *space, const uint8_t *buf) HDassert(space); HDassert(buf); + p = buf + 4; + UINT32DECODE(p, version); + + if(version < H5S_HYPER_VERSION_1 || version > H5S_HYPER_VERSION_LATEST) + HGOTO_ERROR(H5E_DATASPACE, H5E_BADVALUE, FAIL, "bad version number for hyperslab selection") + + /* Deserialize slabs to select */ buf+=16; /* Skip over selection header */ UINT32DECODE(buf,rank); /* decode the rank of the point selection */ |