| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* Converts the YAML build mode arrays to objects in special runs
* Adds a dump of the matrix context for each test
This would have made it a LOT easier to debug the build_mode issues...
* Disable the mirror VFD in the -Werror checks
We can re-enable this after we fix the warnings, but I don't want to
conflate code and GitHub changes, so this is a better way to get the
CI to pass for now.
|
| |
|
| |
CI fails due to a problem with the GitHub actions, not this PR
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Initial updates for HDF5 1.14.0 release December 2022
Update so numbers for release
Set version to 1.14.0
Switch default build mode to production for release in configure.ac
lines435 and 442
Switch AM_MAINTAINER_MODE to disabled with bin/switch_maint_mode
Set HDF5_GENERATE_HEADERS to OFF in src/CMakeLists.txt
Commit Makefile.ins and other generated files for release
except 2 ...~ files and autom4te.cache.
* Add autotools generated files with misspelled word to list for codespell
to skip.
* Add autom4te.cache to codespell list of files to skip
* Update windows worker compilers (#2286)
* Update windows worker compilers
* Update bin and test issues
* Update script and revert java test
* Update release script, version in java files and so numbers in
Makefile.ins.
* Add hdf5-1_14_0 branch to main.yml.
* Don't run autogen.sh for release branche hdf5_1_10_0.
* Fix syntax in main.yml
Co-authored-by: Allen Byrne <50328838+byrnHDF@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Initial updates for HDF5 1.14.0 release December 2022
Update so numbers for release
Set version to 1.14.0
Switch default build mode to production for release in configure.ac
lines435 and 442
Switch AM_MAINTAINER_MODE to disabled with bin/switch_maint_mode
Set HDF5_GENERATE_HEADERS to OFF in src/CMakeLists.txt
Commit Makefile.ins and other generated files for release
except 2 ...~ files and autom4te.cache.
* Add autotools generated files with misspelled word to list for codespell
to skip.
* Add autom4te.cache to codespell list of files to skip
* Update windows worker compilers (#2247)
* Update release script, version in java files and so numbers in
Makefile.ins.
* Add hdf5-1_14_0 branch to main.yml.
* Don't run autogen.sh for release branche hdf5_1_10_0.
Co-authored-by: Allen Byrne <50328838+byrnHDF@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* Initial updates for HDF5 1.14.0 release December 2022
Update so numbers for release
Set version to 1.14.0
Switch default build mode to production for release in configure.ac
lines435 and 442
Switch AM_MAINTAINER_MODE to disabled with bin/switch_maint_mode
Set HDF5_GENERATE_HEADERS to OFF in src/CMakeLists.txt
Commit Makefile.ins and other generated files for release
except 2 ...~ files and autom4te.cache.
|
| | |
|
| | |
|
| |
|
| |
members
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Compound datatypes may not have members of size 0
A member size of 0 may lead to an FPE later on as reported in
CVE-2021-46244. To avoid this, check for this as soon as the
member is decoded.
This should probably be done in H5O_dtype_decode_helper() already,
however it is not clear whether all sizes are expected to be != 0.
This fixes CVE-2021-46244 / Bug #2242.
Signed-off-by: Egbert Eich <eich@suse.com>
* Rework error recovery code in H5O__dtype_decode_helper() and
H5O__dtype_decode().
* Format changes for src/H5Odtype.c.
Signed-off-by: Egbert Eich <eich@suse.com>
Co-authored-by: Neil Fortner <nfortne2@hdfgroup.org>
Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
|
| |
|
|
|
| |
* Correct requires setting for pkgconfig files
* Add issue number
|
| |
|
|
|
|
|
| |
* Fixes warnings in H5Opline.c error messages
* Committing clang-format changes
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
| | |
|
| |
|
|
|
|
|
|
|
| |
* Add compound and refactor out atomic types
* Add Array String tests back
* Convert Attribute version of compound example
* Update transfer atom8ic read to return object
|
| |
|
|
| |
C++ HDF5 filter plugin SZ3 fails to build under windows with failure at linking time unless that extern "C" block is added.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* When evicting driver info block, NULL the corresponding entry
Since H5C_expunge_entry() called (from H5AC_expunge_entry()) sets the flag
H5C__FLUSH_INVALIDATE_FLAG, the driver info block will be freed. NULLing the
pointer in f->shared->drvinfo will prevent use-after-free when it is used in other
functions (like H5F__dest()) - as other places will check whether the pointer is
initialized before using its value.
This fixes CVE-2021-46242 / Bug #2254
Signed-off-by: Egbert Eich <eich@suse.com>
* When evicting the superblock, NULL the corresponding entry
The call to H5AC_expunge_entry() will free the corresonding structure,
to avoid a use-after-free, the corrsponding pointer entry will be NULLed.
Signed-off-by: Egbert Eich <eich@suse.com>
Signed-off-by: Egbert Eich <eich@suse.com>
|
| |
|
|
|
| |
* Output should only be printed if verbose.
* Add note
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For Data Layout Messages version 1 & 2 the specification state
that the value stored in the data field is 1 greater than the
number of dimensions in the dataspace. For version 3 this is
not explicitly stated but the implementation suggests it to be
the case.
Thus the set value needs to be at least 2. For dimensionality
< 2 an out-of-bounds access occurs as in CVE-2021-45833.
This fixes CVE-2021-45833 / Bug #2240.
Signed-off-by: Egbert Eich <eich@suse.com>
Signed-off-by: Egbert Eich <eich@suse.com>
Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
|
| | |
|
| |
|
|
|
| |
* Update install openmpi-bin to also install mpi-default-dev instead of
libopenmpi-dev. This according to
https://bugs.launchpad.net/ubuntu/+source/openmpi/+bug/1870780.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit afc54d75a19 to the test suite to eliminate a separate
shell script did not take into account that there may be
multiple dependent test scripts which resulted in the
message:
`/bin/sh: line 7: [: too many arguments`.
when running the test suite.
Beware that this new version still makes use of non-posix GNU
extensions to `test`.
Signed-off-by: Egbert Eich <eich@suse.com>
Signed-off-by: Egbert Eich <eich@suse.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Use ubuntu-20.04 for github autotools parallel tests until parallel
configure is fixed on ubuntu 22.04.
* Remove inactive developers from CODEOWNERS.
* Temporarily cat config.log for autotools build in github actions.
* Try ubuntu-latest.
* Attempt to cat config.log even when configure fails.
* Fix syntax.
* Try again
* Try again
* Try again.
* Back to original temporary fix.
* Install libopenmpi-dev with openmpi-bin, which was installed as a
dependency prior to ubuntu-22.04.
|
| |
|
|
|
|
| |
* Use ubuntu-20.04 for github autotools parallel tests until parallel
configure is fixed on ubuntu 22.04.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
from an application (#2248)
* Jira HDFFV-10881: Segfault in H5CX_get_vol_wrap_ctx when H5VLwrap_register is called from an application. A quick and simple fix to make it fail with a relevant error message.
* Format changes.
* Committing clang-format changes
* Minor change: split one condition check into two for clarity.
* Adding doxygen comment for H5VLwrap_register.
* Minor change: adding a little more detail to the Doxygen comment for H5VLwrap_register.
|
| |
|
|
|
|
|
|
|
|
| |
Return the result rather than setting the exit code. "return" is a
language keyword whereas "exit" is a function for which the <stdlib.h>
header has to be included which it wasn't in this test, therefore the
test would previously fail to identify that the encoder was enabled if
"-Werror=implicit-function-declaration" was used, which it is by default
with clang from Xcode 12 and later.
Fixes #2262
|
| |
|
|
|
| |
* Remove hard-coded version text
* Use macOS 11 until accum test is fixed see #2261
|
| | |
|
| |
|
|
|
| |
* Only check quad sizes if fortran is enabled
* fixed if struct
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
itself (#2237)
The size of the enumeration values is determined by the size of the parent.
Functions accessing the enumeration values use the size of the enumeration
to determine the size of each element and how much data to copy. Thus the
size of the enumeration and its parent need to match.
Check here to avoid unpleasant surprises later.
This fixes CVE-2018-14031 / Bug #2236.
Signed-off-by: Egbert Eich <eich@suse.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
According to the specification, the information block for external links
contains 1 byte of version/flag information and two 0 terminated strings
for the object linked to and the full path.
Although not very useful, the minimum string length for each (with
terminating 0) would be one byte.
Checking this will help to avoid SEGVs triggered by bogus files.
This fixes CVE-2018-16438 / Bug #2233.
Signed-off-by: Egbert Eich <eich@suse.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Initially, the accumulated metadata location is initialized to HADDR_UNDEF
- the highest available address. Bogus input files may provide a location
or size matching this value. Comparing this address against such bogus
values may provide false positives. This make sure, the value has been
initilized or fail the comparison early and let other parts of the
code deal with the bogus address/size.
Note: To avoid unnecessary checks, we have assumed that if the 'dirty'
member in the same structure is true the location is valid.
This fixes CVE-2018-13867 / Bug #2230.
Signed-off-by: Egbert Eich <eich@suse.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When decoding a file space info message in H5O__fsinfo_decode() make
sure each element to be decoded is still within the message. Malformed
hdf5 files may have trunkated content which does not match the
expected size. Checking this will prevent attempting to decode
unrelated data and heap overflows. So far, only free space manager
address data was checked before decoding.
This fixes CVE-2021-45830 / Bug #2228.
Signed-off-by: Egbert Eich <eich@suse.com>
Additions
Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Malformed hdf5 files may provide more dimensions than the array dim[] in
H5IMget_image_info() is able to hold. Check number of elements first by calling
H5Sget_simple_extent_dims() with NULL for both 'dims' and 'maxdims' arguments.
This will cause the function to return only the number of dimensions.
The fix addresse a stack overflow on write.
This fixes CVE-2018-17439 / HDFFV-10589 / Bug #2226.
Signed-off-by: Egbert Eich <eich@suse.com>
Signed-off-by: Egbert Eich <eich@suse.com>
|
| | |
|
| |
|
|
|
| |
* Adds a release note for PR #2210 (CVE-2019-8396)
* Capitalization issue fixed
|
| |
|
|
|
|
|
|
|
|
|
| |
* Removes MPE instrumentation support.
The Autotools will no longer accept --with-mpe= and the logging commands
have been removed from the FUNC_ENTER macros. CMake has never supported
instrumenting for MPE.
* Committing clang-format changes
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Malformed hdf5 files may have trunkated content which does not match
the expected size. When this function attempts to decode these it may
read past the end of the allocated space leading to heap overflows
as bounds checking is incomplete.
Make sure each element is within bounds before reading.
This fixes CVE-2019-8396 / HDFFV-10712 / github bug #2209.
Signed-off-by: Egbert Eich <eich@suse.com>
Signed-off-by: Egbert Eich <eich@suse.com>
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
This has not been used to debug the library in a very long time. Most
developers use valgrind, -fsanitize=address, or some other memory checker
instead of this library.
This removes:
* dmalloc.h include from H5private.h
* --with-dmalloc= Autotools configure option
* HDF5_ENABLE_USING_DMALLOC CMake option
|
| | |
|
| |
|
|
|
|
|
| |
* Bug fix: make sure the test case supports the pass_through connector.
* Committing clang-format changes
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Removes the memory allocation sanity checks feature
* Committing clang-format changes
* Removes zero size checks for H5MM_(c|m)alloc()
* Explicitly return NULL when size == 0 in H5allocate_memory()
* Committing clang-format changes
* Format fix
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
in CDash (#2208)
* Change how HPC tests are executed
* Move ctest_test commands for serial and parallel tests into cmake files.
* Update checks for uploading Test.xml to CDash.
* Correct cmake scripots.
* Remove extraneous characters.
* Add ctest_start (APPEND).
* Add binary directories to scripts running ctest_test.
* Correct parameters for appending Test.xml.
* Set CTEST_SITE and CTEST_BUILD_NAME.
* Try to pass site and build_name to ctest_test sripts.
* Add site name and build name for ctest_test commands vi environment.
* Revert "Try to pass site and build_name to ctest_test sripts."
This reverts commit d364aaf0fa65ee7f9e222b2633ee916d50afbc42.
* Correct typo in src/CMakeLists.txt.
* Update batch scripts to run ctest_test scripts.
Co-authored-by: Allen Byrne <byrn@hdfgroup.org>
|
| |
|
|
|
|
|
| |
* Update link for Software Changes in RELEASE.txt.
Add RELEASE.txt contents from 1.13.3 release to HISTORY-1_13.txt.
* Reverse order of entries in HISTORY-1_13.txt to match the order in previous HISTORY
files.
|
| | |
|
