| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
Malformed hdf5 files may have trunkated content which does not match
the expected size. When this function attempts to decode these it may
read past the end of the allocated space leading to heap overflows
as bounds checking is incomplete.
Make sure each element is within bounds before reading.
This fixes CVE-2019-8396 / HDFFV-10712 / github bug #2209.
|
|
|
|
|
|
| |
There is no need to maintain the release schedule in each branch, so
it's being removed from all branches aside from develop.
Also removes the badges that don't pertain to 1.12
|
|
|
|
|
|
|
|
|
|
|
|
| |
As indicated in the description, memory leak is detected when running "./h5dump pov".
The problem is: when calling H5O__add_cont_msg() from H5O__chunk_deserialize(),
memory is allocated for cont_msg_info->msgs. Eventually, when the library tries to load
the continuation message via H5AC_protect() in H5O_protect(), error is
encountered due to illegal info in the continuation message.
Due to the error, H5O_protect() exits but the memory allocated for cont_msg_info->msgs is not freed.
When we figure out how to handle fuzzed files that we didn't generate,
a test needs to be added to run h5dump with the provided "pov" file.
|
| |
|
|
|
| |
Enable library instrumentation by default for parallel debug builds
|
|
|
|
|
| |
* Avoid suppressing error output for non-tentative file opens
* Update comment about tentative file opens
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The function that decodes external data files object header messages would
call assert() when parsing malformed files, causing applications to crash
when linked against the debug library.
This change converts these assert() calls to HDF5 error checks, so the
messages are sanity checked in both release and debug mode and debug mode
no longer crashes applications.
Also cleaned up some error handling usage and debug checks.
* Free memory on H5O efl decode errors
* Add buffer size checks to efl msg decode
* Add parentheses to math expressions
Fixes GitHub #2605
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
* Change libaec URL to actively maintained repo GH#2552
* Remove duplicated https
|
|
|
| |
Co-authored-by: Mark Kittisopikul <mkitti@users.noreply.github.com>
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix new codespell issues (#2521)
* Fix new codespell issues
* Have codespell ignore ./config/sanitizer/sanitizers.cmake
* Fix typo in genparser.
---------
Co-authored-by: Mark Kittisopikul <mkitti@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
| |
* Merge doxygen plist tables changes #2470 from develop
* Add new/moved files
* More add new/moved files
* Doxy corrections
|
|
|
|
|
|
|
| |
* Add fetchcontent for compression libs and fix cmake config #2487
* Add CI test for FetchContent
* Use LINK_COMP_LIBS instead of STATIC_LIBRARY for depends
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(#2291) (#2496)
* Fix for HDFFV-11052: h5debug fails on a corrupted file (h5_nrefs_POC) producing a core dump.
When h5debug closes the corrupted file, the library calls H5F__dest() which performs all the
closing operations for the file "f" (H5F_t *) but just keeping note of errors in "ret_value"
all the way till the end of the routine. The user-provided corrupted file has an illegal
file size causing failure when reading the image during the closing process.
At the end of this routine it sets f->shared to NULL and then frees "f".
This is done whether there is error or not in "ret_value".
Due to the failure in reading the file earlier, the routine then returns error.
The error return from H5F__dest() causes the file object "f" not being removed from the
ID node table. When the library finally exits, it will try to close the
file objects in the table. This causes assert failure when H5F_ID_EXISTS(f) or H5F_NREFS(f).
Fix:
a) H5F_dest(): free the f only when there is no error in "ret_value" at the end of the routine.
b) H5VL__native_file_close(): if f->shared is NULL, free "f"; otherwise, perform closing on "f" as before.
c) h5debug.c main(): track error return from H5Fclose().
* Committing clang-format changes
Co-authored-by: vchoi <vchoi@jelly.ad.hdfgroup.org>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
|
|
|
|
|
|
| |
* Fix files codespell has issues with
* Exclude h5repack .dat test files
* Fix characters in C++ HTML file
* Fix header.html characters
|
| |
|
| |
|
| |
|
|
|
|
|
| |
* Merge Correct pkgconfig variables and libraries #2259
* Fix spacing
|
|
|
|
|
| |
There's no reason to list develop, etc. in the list of branches where
this flavor of main.yml applies. Those branches have their own main.yml
files.
|
| |
|
|
|
| |
Co-authored-by: kwryankrattiger <80296582+kwryankrattiger@users.noreply.github.com>
|
| |
|
| |
|
|
|
| |
Fixes incorrect version
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Brings the updated CI in from develop
Does not include the -Werror checks, changes 1.14 API to 1.12
where needed.
* Fixes an API compat issue in the mirror VFD test
* Committing clang-format changes
* Removed pr-check.yml
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix for HDFFV-10840: Instead of using fill->buf for datatype conversion (#2153)
* Fix for HDFFV-10840: Instead of using fill->buf for datatype conversion
if it is large enough, a buffer is allocated regardless so that the element
in fill->buf can later be reclaimed.
Valgrind is run on test/set_extent.c and there is no memory leak.
* Add information of this fix to release notes.
* Change macos version for CI to macos-11 until accum test failure is fixed for macos
12.
Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
|
|
|
|
|
|
|
|
|
| |
* h5repack should only print if verbose
Also chage dump test to use long option
* Add note
* Update yaml workflows
|
|
|
|
|
| |
* Correct requires setting for pkgconfig files #2280
* Change macos for CI
|
| |
|
| |
|
|
|
|
| |
file handles (#2181) (#2207)
|
| |
|
|
|
|
|
| |
* Fix some Java warnings
* Fix accidental change
|
|
|
|
| |
(#2138)
|
|
|
| |
Also fix github URL refs
|
| |
|