author | jhendersonHDF <jhenderson@hdfgroup.org> | 2023-04-15 00:23:52 (GMT) |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-04-15 00:23:52 (GMT) |
commit | e1f398a2cf390befda1140e1cdc88719060fc6d0 (patch) | |
tree | a7fb1c9ccd29306869e2db5f4a237b14ea06e169 /src/H5private.h | |
parent | ff7e778c1d6787d0f492b635f32220378604998e (diff) | |
H5O__pline_decode() Make more resilient to out-of-bounds read (#2210) (#2733)
Malformed hdf5 files may have truncated content which does not match
the expected size. When this function attempts to decode these it may
read past the end of the allocated space leading to heap overflows
as bounds checking is incomplete.
Make sure each element is within bounds before reading.
This fixes CVE-2019-8396 / HDFFV-10712 / github bug #2209.
Diffstat (limited to 'src/H5private.h')
-rw-r--r-- | src/H5private.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/H5private.h b/src/H5private.h index 3929ac3..a82796e 100644 --- a/src/H5private.h +++ b/src/H5private.h @@ -1469,6 +1469,9 @@ H5_DLL H5_ATTR_CONST int Nflock(int fd, int operation); #ifndef HDstrlen #define HDstrlen(S) strlen(S) #endif +#ifndef HDstrnlen +#define HDstrnlen(S, L) strnlen(S, L) +#endif #ifndef HDstrncat #define HDstrncat(X, Y, Z) strncat(X, Y, Z) #endif |
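Review bot: The new HDstrnlen(S, L) define maps straight to strnlen() with no fallback, and strnlen() comes from POSIX.1-2008 rather than ISO C99/C11, so a toolchain without it will fail to build wherever the macro is used. Consider guarding it with a configure-time check and supplying a small bounded-scan replacement when strnlen() is missing. A short comment next to the define would also help: state that L must be the number of bytes remaining in the buffer being decoded, and that a return value equal to L means no terminating NUL was found within bounds, so the caller has to treat that as a decode error rather than a valid string length. The diff shown here is limited to src/H5private.h, so the H5O__pline_decode() call sites that rely on this are not visible for checking against that contract.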