diff options
author | Binh-Minh Ribler <bmribler@hdfgroup.org> | 2019-01-15 19:07:22 (GMT) |
---|---|---|
committer | Binh-Minh Ribler <bmribler@hdfgroup.org> | 2019-01-15 19:07:22 (GMT) |
commit | f4138013dbc6851e968ea3d37b32776538ef306b (patch) | |
tree | 0d79619ad34017f065033cd0ba13de16748437ef /tools/lib | |
parent | dadf2b5fd8689e15ee5d28c74a5956391e914809 (diff) | |
download | hdf5-f4138013dbc6851e968ea3d37b32776538ef306b.zip hdf5-f4138013dbc6851e968ea3d37b32776538ef306b.tar.gz hdf5-f4138013dbc6851e968ea3d37b32776538ef306b.tar.bz2 |
Fixed HDFFV-10578
Description:
- HDFFV-10578 - CVE-2018-17234 Memory leak in H5O__chunk_deserialize()
Actually, the leak was in h5tools_util. Applied Neil's fix.
- Changed an assert to if/HGOTO_ERROR to fail gracefully.
Platforms tested:
Linux/64 (jelly)
Linux/64 (platypus)
Darwin (osx1010test)
Diffstat (limited to 'tools/lib')
-rw-r--r-- | tools/lib/h5tools_utils.c | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/tools/lib/h5tools_utils.c b/tools/lib/h5tools_utils.c index 8ac0d32..e7e017f 100644 --- a/tools/lib/h5tools_utils.c +++ b/tools/lib/h5tools_utils.c @@ -561,6 +561,8 @@ herr_t init_objs(hid_t fid, find_objs_t *info, table_t **group_table, table_t **dset_table, table_t **type_table) { + herr_t ret_value = SUCCEED; + /* Initialize the tables */ init_table(group_table); init_table(dset_table); @@ -573,7 +575,20 @@ init_objs(hid_t fid, find_objs_t *info, table_t **group_table, info->dset_table = *dset_table; /* Find all shared objects */ - return(h5trav_visit(fid, "/", TRUE, TRUE, find_objs_cb, NULL, info, H5O_INFO_BASIC)); + if((ret_value = h5trav_visit(fid, "/", TRUE, TRUE, find_objs_cb, NULL, info, H5O_INFO_BASIC)) < 0) + HGOTO_ERROR(FAIL, H5E_tools_min_id_g, "finding shared objects failed") + +done: + /* Release resources */ + if(ret_value < 0) { + free_table(*group_table); + info->group_table = NULL; + free_table(*type_table); + info->type_table = NULL; + free_table(*dset_table); + info->dset_table = NULL; + } + return ret_value; } |