diff options
| author | bmribler <39579120+bmribler@users.noreply.github.com> | 2021-05-12 19:35:53 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-05-12 19:35:53 (GMT) |
| commit | 9fb2c24c2eb2454430701247a984780654ca0544 (patch) | |
| tree | 2927a320a7dcc7800b3470d178aa9dff3682e0f1 /tools | |
| parent | 78f0728d1b675e675f4dfb0112fc128535e10071 (diff) | |
| download | hdf5-9fb2c24c2eb2454430701247a984780654ca0544.zip hdf5-9fb2c24c2eb2454430701247a984780654ca0544.tar.gz hdf5-9fb2c24c2eb2454430701247a984780654ca0544.tar.bz2 | |
Bmr dev hdffv 11223 (#640)
* Fixed HDFFV-11223 (CVE-2018-14460)
Description
- Added checks against buffer size to prevent segfault, in case of data
corruption, for sdim->size and sdim->max.
- Renamed data files in an existing test to shorten their length
as agreed with other developers previously.
Platforms tested:
Linux/64 (jelly)
* Committing clang-format changes
* Updated for test files
* Updated for HDFFV-11223
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/test/h5repack/CMakeTests.cmake | 10 | ||||
| -rw-r--r-- | tools/test/h5repack/h5repack.sh.in | 9 | ||||
| -rw-r--r-- | tools/test/h5repack/testfiles/h5repack_CVE-2018-14460.h5 | bin | 0 -> 2560 bytes | |||
| -rw-r--r-- | tools/test/h5repack/testfiles/h5repack_CVE-2018-17432.h5 (renamed from tools/test/h5repack/testfiles/h5repack_HDFFV-10590_CVE-2018-17432.h5) | bin | 7648 -> 7648 bytes |
4 files changed, 15 insertions, 4 deletions
diff --git a/tools/test/h5repack/CMakeTests.cmake b/tools/test/h5repack/CMakeTests.cmake index 528ee1c..037287d 100644 --- a/tools/test/h5repack/CMakeTests.cmake +++ b/tools/test/h5repack/CMakeTests.cmake @@ -51,7 +51,8 @@ ${HDF5_TOOLS_TEST_H5REPACK_SOURCE_DIR}/testfiles/h5repack_named_dtypes.h5 ${HDF5_TOOLS_TEST_H5REPACK_SOURCE_DIR}/testfiles/h5repack_nested_8bit_enum.h5 ${HDF5_TOOLS_TEST_H5REPACK_SOURCE_DIR}/testfiles/h5repack_nested_8bit_enum_deflated.h5 - ${HDF5_TOOLS_TEST_H5REPACK_SOURCE_DIR}/testfiles/h5repack_HDFFV-10590_CVE-2018-17432.h5 + ${HDF5_TOOLS_TEST_H5REPACK_SOURCE_DIR}/testfiles/h5repack_CVE-2018-17432.h5 + ${HDF5_TOOLS_TEST_H5REPACK_SOURCE_DIR}/testfiles/h5repack_CVE-2018-14460.h5 ${HDF5_TOOLS_TEST_H5REPACK_SOURCE_DIR}/testfiles/h5repack_nbit.h5 ${HDF5_TOOLS_TEST_H5REPACK_SOURCE_DIR}/testfiles/h5repack_objs.h5 ${HDF5_TOOLS_TEST_H5REPACK_SOURCE_DIR}/testfiles/h5repack_refs.h5 @@ -1551,10 +1552,15 @@ ADD_H5_TEST (HDFFV-7840 "TEST" h5diff_attr1.h5) # test CVE-2018-17432 fix - set (arg h5repack_HDFFV-10590_CVE-2018-17432.h5 h5repack_HDFFV-10590_CVE-2018-17432_out.h5 --low=1 --high=2 -f GZIP=8 -l dset1:CHUNK=5x6) + set (arg h5repack_CVE-2018-17432.h5 h5repack__CVE-2018-17432_out.h5 --low=1 --high=2 -f GZIP=8 -l dset1:CHUNK=5x6) set (TESTTYPE "TEST") ADD_H5_FILTER_TEST (HDFFV-10590 "" ${TESTTYPE} 1 ${arg}) +# test CVE-2018-14460 fix + set (arg h5repack_CVE-2018-14460.h5 h5repack_CVE-2018-14460_out.h5) + set (TESTTYPE "TEST") + ADD_H5_FILTER_TEST (HDFFV-11223 "" ${TESTTYPE} 1 ${arg}) + # tests for metadata block size option ('-M') ADD_H5_TEST_META (meta_short h5repack_layout.h5 -M 8192) ADD_H5_TEST_META (meta_long h5repack_layout.h5 --metadata_block_size=8192) diff --git a/tools/test/h5repack/h5repack.sh.in b/tools/test/h5repack/h5repack.sh.in index f881b0a..3756a95 100644 --- a/tools/test/h5repack/h5repack.sh.in +++ b/tools/test/h5repack/h5repack.sh.in @@ -129,7 +129,8 @@ $SRC_H5REPACK_TESTFILES/h5repack_paged_persist.h5 ########h5diff/testfile######## $SRC_H5DIFF_TESTFILES/h5diff_attr1.h5 ########test#HDFFV-10590######## -$SRC_H5REPACK_TESTFILES/h5repack_HDFFV-10590_CVE-2018-17432.h5 +$SRC_H5REPACK_TESTFILES/h5repack_CVE-2018-17432.h5 +$SRC_H5REPACK_TESTFILES/h5repack_CVE-2018-14460.h5 ########tools/testfiles#for#external#links######## $SRC_TOOLS_TESTFILES/tsoftlinks.h5 $SRC_TOOLS_TESTFILES/textlinkfar.h5 @@ -1712,7 +1713,11 @@ TOOLTEST HDFFV-5932 h5repack_attr_refs.h5 TOOLTEST HDFFV-7840 h5diff_attr1.h5 # test HDFFV-10590 -arg="h5repack_HDFFV-10590_CVE-2018-17432.h5 h5repack_HDFFV-10590_CVE-2018-17432_out.h5 --low=1 --high=2 -f GZIP=8 -l dset1:CHUNK=5x6" +arg="h5repack_CVE-2018-17432.h5 h5repack_CVE-2018-17432_out.h5 --low=1 --high=2 -f GZIP=8 -l dset1:CHUNK=5x6" +TOOLTEST_FAIL $arg + +# test HDFFV-11223 +arg="h5repack_CVE-2018-14460.h5 h5repack_CVE-2018-14460_out.h5" TOOLTEST_FAIL $arg # tests for metadata block size option diff --git a/tools/test/h5repack/testfiles/h5repack_CVE-2018-14460.h5 b/tools/test/h5repack/testfiles/h5repack_CVE-2018-14460.h5 Binary files differnew file mode 100644 index 0000000..f4093b5 --- /dev/null +++ b/tools/test/h5repack/testfiles/h5repack_CVE-2018-14460.h5 diff --git a/tools/test/h5repack/testfiles/h5repack_HDFFV-10590_CVE-2018-17432.h5 b/tools/test/h5repack/testfiles/h5repack_CVE-2018-17432.h5 Binary files differindex 7a815ba..7a815ba 100644 --- a/tools/test/h5repack/testfiles/h5repack_HDFFV-10590_CVE-2018-17432.h5 +++ b/tools/test/h5repack/testfiles/h5repack_CVE-2018-17432.h5 |