diff options
Diffstat (limited to 'tools')
-rw-r--r-- | tools/test/h5dump/CMakeTests.cmake | 5 | ||||
-rw-r--r-- | tools/test/h5dump/testh5dump.sh.in | 5 | ||||
-rw-r--r-- | tools/testfiles/tCVE-2021-37501_attr_decode.h5 | bin | 0 -> 48544 bytes |
3 files changed, 10 insertions, 0 deletions
diff --git a/tools/test/h5dump/CMakeTests.cmake b/tools/test/h5dump/CMakeTests.cmake index bcbb1c1..c328ef1 100644 --- a/tools/test/h5dump/CMakeTests.cmake +++ b/tools/test/h5dump/CMakeTests.cmake @@ -344,6 +344,7 @@ ${HDF5_TOOLS_DIR}/testfiles/tCVE_2018_11206_fill_old.h5 ${HDF5_TOOLS_DIR}/testfiles/tCVE_2018_11206_fill_new.h5 ${HDF5_TOOLS_DIR}/testfiles/zerodim.h5 + ${HDF5_TOOLS_DIR}/testfiles/tCVE-2021-37501_attr_decode.h5 #STD_REF_OBJ files ${HDF5_TOOLS_DIR}/testfiles/trefer_attr.h5 ${HDF5_TOOLS_DIR}/testfiles/trefer_compat.h5 @@ -1340,6 +1341,10 @@ ADD_H5_TEST (tCVE_2018_11206_fill_old 1 tCVE_2018_11206_fill_old.h5) ADD_H5_TEST (tCVE_2018_11206_fill_new 1 tCVE_2018_11206_fill_new.h5) + # test to verify fix for CVE-2021-37501: multiplication overflow in H5O__attr_decode() + # https://github.com/ST4RF4LL/Something_Found/blob/main/HDF5_v1.13.0_h5dump_heap_overflow.assets/poc + ADD_H5_TEST (tCVE-2021-37501_attr_decode 1 tCVE-2021-37501_attr_decode.h5) + # onion VFD tests ADD_H5_TEST (tst_onion_objs 0 --enable-error-stack --vfd-name onion --vfd-info 3 tst_onion_objs.h5) ADD_H5_TEST (tst_onion_dset_ext 0 --enable-error-stack --vfd-name onion --vfd-info 1 tst_onion_dset_ext.h5) diff --git a/tools/test/h5dump/testh5dump.sh.in b/tools/test/h5dump/testh5dump.sh.in index 24807cb..6ea410b 100644 --- a/tools/test/h5dump/testh5dump.sh.in +++ b/tools/test/h5dump/testh5dump.sh.in @@ -183,6 +183,7 @@ $SRC_H5DUMP_TESTFILES/tvms.h5 $SRC_H5DUMP_TESTFILES/err_attr_dspace.h5 $SRC_H5DUMP_TESTFILES/tCVE_2018_11206_fill_old.h5 $SRC_H5DUMP_TESTFILES/tCVE_2018_11206_fill_new.h5 +$SRC_H5DUMP_TESTFILES/tCVE-2021-37501_attr_decode.h5 $SRC_H5DUMP_TESTFILES/tst_onion_objs.h5 $SRC_H5DUMP_TESTFILES/tst_onion_objs.h5.onion $SRC_H5DUMP_TESTFILES/tst_onion_dset_ext.h5 @@ -1495,6 +1496,10 @@ TOOLTEST err_attr_dspace.ddl err_attr_dspace.h5 TOOLTEST_FAIL tCVE_2018_11206_fill_old.h5 TOOLTEST_FAIL tCVE_2018_11206_fill_new.h5 +# test to verify fix for CVE-2021-37501: multiplication overflow in H5O__attr_decode() +# https://github.com/ST4RF4LL/Something_Found/blob/main/HDF5_v1.13.0_h5dump_heap_overflow.assets/poc +TOOLTEST_FAIL tCVE-2021-37501_attr_decode.h5 + # test Onion VFD TOOLTEST tst_onion_objs.ddl --enable-error-stack --vfd-name onion --vfd-info 3 tst_onion_objs.h5 TOOLTEST tst_onion_dset_ext.ddl --enable-error-stack --vfd-name onion --vfd-info 1 tst_onion_dset_ext.h5 diff --git a/tools/testfiles/tCVE-2021-37501_attr_decode.h5 b/tools/testfiles/tCVE-2021-37501_attr_decode.h5 Binary files differnew file mode 100644 index 0000000..331b05b --- /dev/null +++ b/tools/testfiles/tCVE-2021-37501_attr_decode.h5 |