authorBinh-Minh Ribler <bmribler@hdfgroup.org>2019-01-15 19:07:22 (GMT)
committerBinh-Minh Ribler <bmribler@hdfgroup.org>2019-01-15 19:07:22 (GMT)
commitf4138013dbc6851e968ea3d37b32776538ef306b (patch)
tree0d79619ad34017f065033cd0ba13de16748437ef /src
parentdadf2b5fd8689e15ee5d28c74a5956391e914809 (diff)
Fixed HDFFV-10578
Description: - HDFFV-10578 - CVE-2018-17234 Memory leak in H5O__chunk_deserialize() Actually, the leak was in h5tools_util. Applied Neil's fix. - Changed an assert to if/HGOTO_ERROR to fail gracefully. Platforms tested: Linux/64 (jelly) Linux/64 (platypus) Darwin (osx1010test)
Diffstat (limited to 'src')
-rw-r--r--src/H5Ocache.c3
-rw-r--r--src/H5VM.c2
2 files changed, 3 insertions, 2 deletions
diff --git a/src/H5Ocache.c b/src/H5Ocache.c
index 1d69028..1fa4b10 100644
--- a/src/H5Ocache.c
+++ b/src/H5Ocache.c
@@ -1390,7 +1390,8 @@ H5O__chunk_deserialize(H5O_t *oh, haddr_t addr, size_t len, const uint8_t *image
/* Message size */
UINT16DECODE(chunk_image, mesg_size);
- HDassert(mesg_size == H5O_ALIGN_OH(oh, mesg_size));
+ if(mesg_size != H5O_ALIGN_OH(oh, mesg_size))
+ HGOTO_ERROR(H5E_OHDR, H5E_CANTLOAD, FAIL, "message not aligned")
/* Message flags */
flags = *chunk_image++;
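Review bot: The new check `if(mesg_size != H5O_ALIGN_OH(oh, mesg_size))` carries no comment explaining why it is a run-time error rather than an assertion, and that reason is the security-relevant part of the change. `mesg_size` is decoded from the object header image by `UINT16DECODE`, so it is controlled by the file, and `HDassert` is normally compiled out of production builds. I would add `/* mesg_size is read from the file image: validate at run time, an assert does not protect production builds */` above the check. The check establishes alignment only. Whether `mesg_size` is also bounded against the end of the chunk before the message body is consumed is not visible here, because H5O__chunk_deserialize starts and continues outside the hunk, so that is worth confirming alongside a regression test that uses a malformed header.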
diff --git a/src/H5VM.c b/src/H5VM.c
index 4c0b837..452d378 100644
--- a/src/H5VM.c
+++ b/src/H5VM.c
@@ -1548,7 +1548,7 @@ done:
*
* Purpose: Given source and destination buffers in memory (SRC & DST)
* copy sequences of from the source buffer into the destination
- * buffer. Each set of sequnces has an array of lengths, an
+ * buffer. Each set of sequences has an array of lengths, an
* array of offsets, the maximum number of sequences and the
* current sequence to start at in the sequence.
*