| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix for CVE-2018-15671
* Fix CVE-2016-4332
* Fix CVE-2018-11202
* Fix CVE-2018-11205
* Fix CVE-2018-13866
* Fix CVE-2018-13867 and CVE-2018-13871
|
|
|
| |
Mostly .github and config directories
|
| |
|
|
|
|
|
|
|
|
|
| |
* Merges from develop/1.14
* Fix doxygen warnings
* Fix spelling
* Fix doxygen ref
* Add braces
* Fix format
* Remove unused file
|
| |
|
|
|
|
|
| |
* Add DT workflows and update windows preset
* Stagger check time
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix for HDFFV-11052: h5debug fails on a corrupted file (h5_nrefs_POC) producing a core dump.
When h5debug closes the corrupted file, the library calls H5F__dest() which performs all the
closing operations for the file "f" (H5F_t *) but just keeping note of errors in "ret_value"
all the way till the end of the routine. The user-provided corrupted file has an illegal
file size causing failure when reading the image during the closing process.
At the end of this routine it sets f->shared to NULL and then frees "f".
This is done whether there is error or not in "ret_value".
Due to the failure in reading the file earlier, the routine then returns error.
The error return from H5F__dest() causes the file object "f" not being removed from the
ID node table. When the library finally exits, it will try to close the
file objects in the table. This causes assertion failure for f->file_id > 0.
Fix:
a) H5F_dest(): free the f only when there is no error in "ret_value" at the end of the routine.
b) H5F__close_cb(): if f->shared is NULL, free "f"; otherwise, perform closing on "f" as before.
c) h5debug.c main(): track error return from H5Fclose().
|
| |
|
| |
|
| |
|
|
|
|
| |
Verified with valgrind -v --tool=memcheck --leak-check=full h5dump POV-GH-2603
The several invalid reads shown originally are now gone.
|
| |
|
|
|
|
| |
(#2679) (#2730)
|
|
|
|
| |
(#2727)
|
|
|
|
|
|
|
|
|
| |
Malformed hdf5 files may have trunkated content which does not match
the expected size. When this function attempts to decode these it may
read past the end of the allocated space leading to heap overflows
as bounds checking is incomplete.
Make sure each element is within bounds before reading.
This fixes CVE-2019-8396 / HDFFV-10712 / github bug #2209.
|
|
|
|
|
|
|
|
|
|
|
|
| |
As indicated in the description, memory leak is detected when running "./h5dump pov".
The problem is: when calling H5O__add_cont_msg() from H5O__chunk_deserialize(),
memory is allocated for cont_msg_info->msgs. Eventually, when the library tries to load
the continuation message via H5AC_protect() in H5O_protect(), error is
encountered due to illegal info in the continuation message.
Due to the error, H5O_protect() exits but the memory allocated for cont_msg_info->msgs is not freed.
When we figure out how to handle fuzzed files that we didn't generate,
a test needs to be added to run h5dump with the provided "pov" file.
|
| |
|
|
|
|
|
|
|
|
| |
* Update HDF5 version after 1.10.10 release.
Update so numbers to match 1.10.10 release so numbers.
Update HISTORY-1_10.txt.
Clean RELEASE.txt entries.
* Missed one version change.
|
|
|
|
|
|
|
|
|
| |
* Revert the removal of HDF5GroupInfo class and deprecate.
* revert H5_QUARTER_HADDR_MAX removal
---------
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
|
|
|
|
|
| |
* Revert "1 10 revert 2615 (#2629)"
This reverts commit 43e4e64d886e9072a6075c6369e84c0e273fa44f.
|
|
|
| |
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
| |
The small perf tool conflicts with the standard perf tool and is being
removed from all HDF5 releases.
Building h5perf in "standalone" mode (i.e., independently of the
library) has been broken for some time, so the build code for
that has also been removed.
|
|
|
|
|
|
|
| |
* Add Option to not build gif tools and remove javadoc option
* Remove old option
* Fix CMake command format
|
|
|
|
| |
Add HDF5_SRC_INCLUDE_DIRS variable
cleanup cmake comments and documentation
|
|
|
|
|
|
|
|
|
|
| |
This has not been used to debug the library in a very long time. Most
developers use valgrind, -fsanitize=address, or some other memory checker
instead of this library.
This removes:
* dmalloc.h include from H5private.h
* --with-dmalloc= Autotools configure option
* HDF5_ENABLE_USING_DMALLOC CMake option
|
|
|
|
|
|
|
|
| |
* Allow parallel + thread-safe builds
No longer require the "enable unsupported" option to build this
configuration in CMake and the Autotools.
* Add a release note for parallel thread-safety
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Elaborate how cd_values get stored (#2522)
* Enclose MESG in do...while loop (#2576)
Enclose MSG macro in a do...while loop
* Add a clang-format comment about permissions (#2577)
* Check for overflow when calculating on-disk attribute data size (#2459)
* Remove duplicate code
Signed-off-by: Egbert Eich <eich@suse.com>
* Add test case for CVE-2021-37501
Bogus sizes in this test case causes the on-disk data size
calculation in H5O__attr_decode() to overflow so that the
calculated size becomes 0. This causes the read to overflow
and h5dump to segfault.
This test case was crafted, the test file was not directly
generated by HDF5.
Test case from:
https://github.com/ST4RF4LL/Something_Found/blob/main/HDF5_v1.13.0_h5dump_heap_overflow.md
---------
Co-authored-by: Mark (he/his) C. Miller <miller86@llnl.gov>
Co-authored-by: glennsong09 <43005495+glennsong09@users.noreply.github.com>
Co-authored-by: Dana Robinson <43805+derobins@users.noreply.github.com>
Co-authored-by: Egbert Eich <eich@suse.com>
|
|
|
|
|
| |
* Add fetchcontent for compression libs and fix cmake config #2487
* Add CI test for FetchContent
|
|
|
|
|
| |
* Merge Merge CMake generated pkg-config file is incorrect #2259
* Fix spacing
|
|
|
|
|
|
|
|
|
|
| |
(#2153) (#2278)
* Fix for HDFFV-10840: Instead of using fill->buf for datatype conversion
if it is large enough, a buffer is allocated regardless so that the element
in fill->buf can later be reclaimed.
Valgrind is run on test/set_extent.c and there is no memory leak.
* Add information of this fix to release notes.
|
|
|
|
|
| |
---------
Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
|
|
|
|
|
| |
---------
Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
|
| |
|
| |
|
|
|
|
|
|
|
| |
file handles (merge to 1.10) (#2223)
* Fix problem with variable length attributes being accessed through multiple file handles (#2181) (#2207)
* Fix bug in merge of vlen attr fix (#2181) from 1.12
|
|
|
|
| |
(#2138) (#2142)
|
|
|
|
|
|
|
|
| |
HDFView is still under construction, but mostly there.
Merge the Fortran doxygen changes from develop PR, updated RM index.
Adjusted references to UG and created some TODOs for missing UG modules
Some may just need a reference back to a section of the user guide. Made
some Fortran doxygen changes for overall consistency.
|
|
|
|
| |
(#2069)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1.10 (#2058)
* Persist dataset access properties when using H5Fstart_swmr_write - merge to 1.12 branch (#2031)
* Merge GitHub #1862 (HDFFV-11308) to 1.12 branch
Persist dataset access properties when using H5Fstart_swmr_write (#1862)
* Fix HDFFV-11308 - dataset access properties disappear when using
H5Fstart_swmr_write.
* Committing clang-format changes
* Add test for H5Fstart_swmr_write() persisting DAPL settings. Fix bugs
in the library exposed by this test.
* Committing clang-format changes
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* Fix bug in swmr.c introduced with recent merge (double_t) (#1913)
* Fix HDFFV-11308 - dataset access properties disappear when using
H5Fstart_swmr_write.
* Committing clang-format changes
* Add test for H5Fstart_swmr_write() persisting DAPL settings. Fix bugs
in the library exposed by this test.
* Committing clang-format changes
* Replace accidental use of double_t in swmr.c with double.
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* Add note to RELEASE.txt for HDFFV-11308 (#2029)
* Add note to RELEASE.txt for HDFFV-11308
* Fix formatting error in RELEASE.txt
* Committing clang-format changes
* Fix inappropriate use of HGOTO_ERROR (#2055)
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* Committing clang-format changes
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix invalid comment about character encoding in H5Fint.c (#1845)
* Convert assertion on (possibly corrupt) file contents to normal error check (#1861)
* Convert assertion on (possibly corrupt) file contents to normal error check
* Committing clang-format changes
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* Avoid allocating chunk map for contiguous and compact dataset I/O (#1927)
* Add documentation for parallel compression feature (#1981)
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* Add utility JNI function for 1.10 style references
* Clarify text
* Correct signature
* Committing clang-format changes
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* HDFFV-11310 - implement vlen read/write for atomic types.
* HDFFV-11310 - VL read/write function for primitive types
* Add read/write VL option
* fix function name typo
* remove debugging prints
* Remove more debugging code
* Correct note to match change in code.
* HDFFV-11318 add VL references as byte arrays
* Fix unreleased allocations, fix debug
* Fix format
* Fix formatting
* Correct typo
|
|
|
|
|
| |
* Branch sync updates and spelling
* Revert format of getenv
|
|
|
|
| |
Update so numbers to match 1.10.9 release.
Clear 1.10.9 entries from RELEASE.txt.
|
|
|
|
|
| |
* Hdf5 1 10 parallel compression merge
|
| |
|
| |
|