diff options
author | bmribler <39579120+bmribler@users.noreply.github.com> | 2021-03-19 13:15:03 (GMT) |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-03-19 13:15:03 (GMT) |
commit | dafc7285bb1df4a6529a64c215c5de4017016d24 (patch) | |
tree | c40eadbf742bfe9a949cffec62931bbe53ed92ec /tools/test/h5dump/CMakeTests.cmake | |
parent | 49a14f9e0279e5b43b15121a3d64105f0d7b65b0 (diff) | |
download | hdf5-dafc7285bb1df4a6529a64c215c5de4017016d24.zip hdf5-dafc7285bb1df4a6529a64c215c5de4017016d24.tar.gz hdf5-dafc7285bb1df4a6529a64c215c5de4017016d24.tar.bz2 |
Fixed HDFFV-10480 (CVE-2018-11206) and HDFFV-11159 (CVE-2018-14033) (#405)
* Fixed HDFFV-10480 (CVE-2018-11206) and HDFFV-11159 (CVE-2018-14033)
Description
Checked against buffer size to prevent segfault, in case of data corruption.
+ HDFFV-11159 CVE-2018-14033 Buffer over-read in H5O_layout_decode
+ HDFFV-10480 CVE-2018-11206 Buffer over-read in H5O_fill_new[/old]_decode
Platforms tested:
Linux/64 (jelly)
* Accidentally left in another occurrence of the previous patch from user
after a more correct fix was applied, that is the check now accounted
for the previous advance of the buffer pointer. Removed it.
* Typo
* Fixed format issues.
* Added test.
* Changed arguments to ADD_H5_TEST
* Fixing arguments to ADD_H5_TEST again.
* Fixing arguments again.
* Took out the CMake changes until Allen can help.
* Added files:
tCVE_2018_11206_fill_old.h5
tCVE_2018_11206_fill_new.h5
* Revert "Took out the CMake changes until Allen can help."
This reverts commit c21324d6e0044994c5cd24b0671e7d1dd41096cc.
* Revert "Fixing arguments again."
This reverts commit 5832a70674339e4b524749adde5a181f8c3a446a.
* Revert "Fixing arguments to ADD_H5_TEST again."
This reverts commit b45de823c22ce83a388d46466ef7c04b66ff05ed.
* Revert "Changed arguments to ADD_H5_TEST"
This reverts commit 16719824f57e52158451ddd261788c0dcaa3ec55.
* Added first argument to ADD_H5_TEST for HDFFV-10480 fix.
* Changed argument 0 to 1
* Revert "Changed argument 0 to 1"
This reverts commit b343d6613ba681b43248dd5820e96389984ebcf7.
* Revert "Added first argument to ADD_H5_TEST for HDFFV-10480 fix."
This reverts commit b8a0f9a9e8ec8e6c6ff38d33195d63edff76a563.
* Added first argument and corrected the second.
* Updated fixes for HDFFV-10480 and HDFFV-11159/HDFFV-11049
* Improved error messages.
Diffstat (limited to 'tools/test/h5dump/CMakeTests.cmake')
-rw-r--r-- | tools/test/h5dump/CMakeTests.cmake | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/tools/test/h5dump/CMakeTests.cmake b/tools/test/h5dump/CMakeTests.cmake index 4b61569..411e9ef 100644 --- a/tools/test/h5dump/CMakeTests.cmake +++ b/tools/test/h5dump/CMakeTests.cmake @@ -333,6 +333,8 @@ ${HDF5_TOOLS_DIR}/testfiles/tvlstr.h5 ${HDF5_TOOLS_DIR}/testfiles/tvms.h5 ${HDF5_TOOLS_DIR}/testfiles/t128bit_float.h5 + ${HDF5_TOOLS_DIR}/testfiles/tCVE_2018_11206_fill_old.h5 + ${HDF5_TOOLS_DIR}/testfiles/tCVE_2018_11206_fill_new.h5 ${HDF5_TOOLS_DIR}/testfiles/zerodim.h5 #STD_REF_OBJ files ${HDF5_TOOLS_DIR}/testfiles/trefer_attr.h5 @@ -1179,6 +1181,10 @@ # test to verify HDFFV-9407: long double full precision # ADD_H5_GREP_TEST (t128bit_float 1 "1.123456789012345" -m %.35Lg t128bit_float.h5) + # test to verify HDFFV-10480: out of bounds read in H5O_fill_new[old]_decode + ADD_H5_TEST (tCVE_2018_11206_fill_old 1 tCVE_2018_11206_fill_old.h5) + ADD_H5_TEST (tCVE_2018_11206_fill_new 1 tCVE_2018_11206_fill_new.h5) + ############################################################################## ### P L U G I N T E S T S ############################################################################## |