summaryrefslogtreecommitdiffstats
path: root/release_docs/RELEASE.txt
diff options
context:
space:
mode:
Diffstat (limited to 'release_docs/RELEASE.txt')
-rw-r--r--release_docs/RELEASE.txt8
1 files changed, 8 insertions, 0 deletions
diff --git a/release_docs/RELEASE.txt b/release_docs/RELEASE.txt
index b460141..94f3eb3 100644
--- a/release_docs/RELEASE.txt
+++ b/release_docs/RELEASE.txt
@@ -151,6 +151,14 @@ Bug Fixes since HDF5-1.13.3 release
===================================
Library
-------
+ - Fixed potential heap buffer overrun in group info header decoding from malformed file
+
+ H5O__ginfo_decode could sometimes read past allocated memory when parsing a group info message from the header of a malformed file.
+
+ It now checks buffer size before each read to properly throw an error in these cases.
+
+ (ML - 2023/4/6, #2601)
+
- Fixed potential buffer overrun issues in some object header decode routines
Several checks were added to H5O__layout_decode and H5O__sdspace_decode to
generated by cgit v0.12 at 2024-09-15 07:24:21 (GMT)