| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Enclose MESG in do...while loop (#2576)
Enclose MSG macro in a do...while loop
* Add a clang-format comment about permissions (#2577)
* Remove an obsolete comment from the MDS test (#2578)
The seed is now broadcast from rank 0, so the warning about multiple
machines having different seeds is unnecessary.
* Subfiling VFD - fix issues with I/O concentrator selection strategies (#2571)
Fix multiple bugs with the SELECT_IOC_EVERY_NTH_RANK and
SELECT_IOC_TOTAL I/O concentrator selection strategies and add a
regression test for them
* Check for overflow when calculating on-disk attribute data size (#2459)
* Remove duplicate code
Signed-off-by: Egbert Eich <eich@suse.com>
* Add test case for CVE-2021-37501
Bogus sizes in this test case causes the on-disk data size
calculation in H5O__attr_decode() to overflow so that the
calculated size becomes 0. This causes the read to overflow
and h5dump to segfault.
This test case was crafted, the test file was not directly
generated by HDF5.
Test case from:
https://github.com/ST4RF4LL/Something_Found/blob/main/HDF5_v1.13.0_h5dump_heap_overflow.md
---------
Co-authored-by: glennsong09 <43005495+glennsong09@users.noreply.github.com>
Co-authored-by: Dana Robinson <43805+derobins@users.noreply.github.com>
Co-authored-by: jhendersonHDF <jhenderson@hdfgroup.org>
Co-authored-by: Egbert Eich <eich@suse.com>
|
| |
|
|
|
|
|
|
| |
(#2571) (#2618)
Fix multiple bugs with the SELECT_IOC_EVERY_NTH_RANK and
SELECT_IOC_TOTAL I/O concentrator selection strategies and add a
regression test for them
|
| | |
|
| | |
|
| |
|
|
|
| |
* Merge doxygen plist tables changes from develop
* Doxy corrections
|
| |
|
|
|
|
|
|
|
| |
* Add fetchcontent for compression libs and fix cmake config #2487
* Update cmake doc for FetchContent
* Add CI test for FetchContent
* Use LINK_COMP_LIBS instead of STATIC_LIBRARY for depends
|
| | |
|
| |
|
|
|
|
|
| |
* Merge Correct pkgconfig variables and libraries #290
* Fix typo
* Fix spacing
|
| |
|
|
|
|
|
|
| |
We will no longer maintain HISTORY files for other maintenance branches,
so those have been removed. Adds a README.md explaining the purpose
and procedures of HDF5 HISTORY. Also adds a newsletter template and
updates the RELEASE.txt note part of CONTRIBUTING.md.
Also cleans out RELEASE.txt post-HDF5-1.14.0
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix some doxygen warnings
* Remove javadocs
* Fix spelling
* Fix section format
* Correct doxygen function name
* Remove duplicate
Co-authored-by: Dana Robinson <43805+derobins@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
b9244a85d9f1cc5e9bbec61ca73c0cbd9c4cf249 Align arg types of H5D_chunk_iter_op_t with H5Dget_chunk_info (#2074)
70cf2c390bc2eef8e57f8fa023341011e2d02d9d Removed idioms and misc. text clean-up (#2320)
8102fa8c972bdc0d8fd8f3dae604e070893150d6 Only document Fortran functions (#2319)
784061b15e176b9919c19a220ce278a9f4cddf0e moved onion VFD to FAPL group (#2321)
6b6bcdead66f0456ac0528683faac6a8e48b6565 Hdffv 11052 (#2315)
10c693a04ff0c4a5219879d7f8900157dcbece66 Update hdf5_header.html
0cb58080875070db09b5ecae92482519d58872bc Hdffv 11052 (#2303)
a1c81eda203addced514ef655f7a9079f3f0bb04 added doc. warning for H5Literate_async return value (#2295)
502b32b0f22a4bcf6333c85c256db34162c2764a Updated H5ES documenation (#2293)
a9036005c3916e6fda0296026323f00d043300f8 Fix for HDFFV-11052: h5debug fails on a corrupted file (h5_nrefs_POC)… (#2291)
|
| |
|
|
|
|
|
| |
* Disable hl tools by default #2313
* Only gif tools are deprecated
* Update autotools
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Update versions for hdf5_1_14 develop branch after creation of
hdf5_1-14_0 branch for 1.14.0 release.
* Update windows worker compilers (#2286)
* Update windows worker compilers
* Update bin and test issues
* Update script and revert java test
* Update scripts and versions in java files.
Co-authored-by: Allen Byrne <50328838+byrnHDF@users.noreply.github.com>
|
| |
|
| |
hdf5_1-14_0 branch for 1.14.0 release.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Compound datatypes may not have members of size 0
A member size of 0 may lead to an FPE later on as reported in
CVE-2021-46244. To avoid this, check for this as soon as the
member is decoded.
This should probably be done in H5O_dtype_decode_helper() already,
however it is not clear whether all sizes are expected to be != 0.
This fixes CVE-2021-46244 / Bug #2242.
Signed-off-by: Egbert Eich <eich@suse.com>
* Rework error recovery code in H5O__dtype_decode_helper() and
H5O__dtype_decode().
* Format changes for src/H5Odtype.c.
Signed-off-by: Egbert Eich <eich@suse.com>
Co-authored-by: Neil Fortner <nfortne2@hdfgroup.org>
Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
|
| |
|
|
|
| |
* Correct requires setting for pkgconfig files
* Add issue number
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* When evicting driver info block, NULL the corresponding entry
Since H5C_expunge_entry() called (from H5AC_expunge_entry()) sets the flag
H5C__FLUSH_INVALIDATE_FLAG, the driver info block will be freed. NULLing the
pointer in f->shared->drvinfo will prevent use-after-free when it is used in other
functions (like H5F__dest()) - as other places will check whether the pointer is
initialized before using its value.
This fixes CVE-2021-46242 / Bug #2254
Signed-off-by: Egbert Eich <eich@suse.com>
* When evicting the superblock, NULL the corresponding entry
The call to H5AC_expunge_entry() will free the corresonding structure,
to avoid a use-after-free, the corrsponding pointer entry will be NULLed.
Signed-off-by: Egbert Eich <eich@suse.com>
Signed-off-by: Egbert Eich <eich@suse.com>
|
| |
|
|
|
| |
* Output should only be printed if verbose.
* Add note
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For Data Layout Messages version 1 & 2 the specification state
that the value stored in the data field is 1 greater than the
number of dimensions in the dataspace. For version 3 this is
not explicitly stated but the implementation suggests it to be
the case.
Thus the set value needs to be at least 2. For dimensionality
< 2 an out-of-bounds access occurs as in CVE-2021-45833.
This fixes CVE-2021-45833 / Bug #2240.
Signed-off-by: Egbert Eich <eich@suse.com>
Signed-off-by: Egbert Eich <eich@suse.com>
Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
itself (#2237)
The size of the enumeration values is determined by the size of the parent.
Functions accessing the enumeration values use the size of the enumeration
to determine the size of each element and how much data to copy. Thus the
size of the enumeration and its parent need to match.
Check here to avoid unpleasant surprises later.
This fixes CVE-2018-14031 / Bug #2236.
Signed-off-by: Egbert Eich <eich@suse.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
According to the specification, the information block for external links
contains 1 byte of version/flag information and two 0 terminated strings
for the object linked to and the full path.
Although not very useful, the minimum string length for each (with
terminating 0) would be one byte.
Checking this will help to avoid SEGVs triggered by bogus files.
This fixes CVE-2018-16438 / Bug #2233.
Signed-off-by: Egbert Eich <eich@suse.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Initially, the accumulated metadata location is initialized to HADDR_UNDEF
- the highest available address. Bogus input files may provide a location
or size matching this value. Comparing this address against such bogus
values may provide false positives. This make sure, the value has been
initilized or fail the comparison early and let other parts of the
code deal with the bogus address/size.
Note: To avoid unnecessary checks, we have assumed that if the 'dirty'
member in the same structure is true the location is valid.
This fixes CVE-2018-13867 / Bug #2230.
Signed-off-by: Egbert Eich <eich@suse.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When decoding a file space info message in H5O__fsinfo_decode() make
sure each element to be decoded is still within the message. Malformed
hdf5 files may have trunkated content which does not match the
expected size. Checking this will prevent attempting to decode
unrelated data and heap overflows. So far, only free space manager
address data was checked before decoding.
This fixes CVE-2021-45830 / Bug #2228.
Signed-off-by: Egbert Eich <eich@suse.com>
Additions
Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Malformed hdf5 files may provide more dimensions than the array dim[] in
H5IMget_image_info() is able to hold. Check number of elements first by calling
H5Sget_simple_extent_dims() with NULL for both 'dims' and 'maxdims' arguments.
This will cause the function to return only the number of dimensions.
The fix addresse a stack overflow on write.
This fixes CVE-2018-17439 / HDFFV-10589 / Bug #2226.
Signed-off-by: Egbert Eich <eich@suse.com>
Signed-off-by: Egbert Eich <eich@suse.com>
|
| |
|
|
|
| |
* Adds a release note for PR #2210 (CVE-2019-8396)
* Capitalization issue fixed
|
| |
|
|
|
|
|
|
|
|
|
| |
* Removes MPE instrumentation support.
The Autotools will no longer accept --with-mpe= and the logging commands
have been removed from the FUNC_ENTER macros. CMake has never supported
instrumenting for MPE.
* Committing clang-format changes
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
| |
This has not been used to debug the library in a very long time. Most
developers use valgrind, -fsanitize=address, or some other memory checker
instead of this library.
This removes:
* dmalloc.h include from H5private.h
* --with-dmalloc= Autotools configure option
* HDF5_ENABLE_USING_DMALLOC CMake option
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Removes the memory allocation sanity checks feature
* Committing clang-format changes
* Removes zero size checks for H5MM_(c|m)alloc()
* Explicitly return NULL when size == 0 in H5allocate_memory()
* Committing clang-format changes
* Format fix
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
| |
|
|
|
|
|
| |
* Update link for Software Changes in RELEASE.txt.
Add RELEASE.txt contents from 1.13.3 release to HISTORY-1_13.txt.
* Reverse order of entries in HISTORY-1_13.txt to match the order in previous HISTORY
files.
|
| | |
|
| |
|
| |
Co-authored-by: Dana Robinson <43805+derobins@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Some Javadoc warning fixes
* Updated javadoc fixes
* # WARNING: head commit changed in the meantime
HDFFV-11229 Fix long double usage in tools and java
Changed h5dump and h5ls to just print 128-bit for long double type.
Added test and file for dataset and attributes with all three float
types.
* Committing clang-format changes
* HDFFV-11229 Add release note
* HDFFV-11229 windows testfile needed
* fix typo
* Remove non supported message text
* HDFFV-11229 - change ldouble test to check both native and general
* HDFFV-11229 add second file compare
* HDFFV-11229 fix reference file
* HDFFV-11229 autotools check two refs
* HDFFV-11229 revert back to removal of NATIVE_LDOUBLE in tools output
* Committing clang-format changes
* Update release note
* Update attribute type of ref file
* Change source of ninja for macs
* try port instead of brew
* Recommended is to use brew.
* Undo non long double changes
* remove unneeded file
* Fix perl and doxygen CMake code
* Add "option" command for clang options
* Rework CMake add_custom to use the BYPRODUCTS argument
* Add stamp files to BYPRODUCTS
* Only one copy of file exists
* Fix custom cmmand depends targets
* Fix fortran custom command DEPENDS
* Add LD_LIBRARY_PATH to tests
* Add custom target for DEPENDS
* Add h5detect conditionaly to generated target DEPENDS
* Correct DEPENDS targets
* Parallel builds need the mpi compiler for pkgconfig scripts.
* install only if MPI build
* Fortran target depends
* Remove incorrect source attribute
* doxygen adjustments
* doxygen build updates
* Correct version
* Correct function version - function has been merged to 1.12
* Correct version string for map functions
* Cleanup warnings for tools debug builds
* TRILAB-227 - fix indexing for h5diff selections
* Correct location of pos to index function call
* TRILAB-227 Enable test
* Quote subset args
* Use MATCHES because of AppleClang
* if blocks needed for build modes
* Update list of DT platforms
* VS2019 correctly displays float values
* revert VS2019 change
* Issue #669 remove version from pkgcfg filename
* remove version from h5cc script
* Java reference functions updated
enabled fortran in cmake gcc action yaml file
java reference test changed to correctly test refs
jni reference functions that create ids changed to use jni id logging
* Correct BYPRODUCTS argument
* Correct more genereated files BYPRODUCTS
* BYPRODUCTS must have unique locations
* Fix typo
* Fix fortran configure checks
* Rework H5_PAC_C_MAX_REAL_PRECISION setting logic
* Add note about fortran configure change
* Adds a quick for for some egregious chunk_info badness (#722)
* Fixes issue with ccmake that prevents building Fortran (#723)
ccmake runs iteratively, and the check_fortran_source_runs
macros were clobbering a single output file that did not
get updated on further configure iterations
* Fix conflicts with merge
* Move MAX_PRECISION back to HDF5UseFortran.cmake
* Use STREQUAL to test macro argument
* Move C language test to ConfigureChecks from HDF5UseFortran
* MAX_PRECISION defines must be defined
* Organize flags and align autotools and cmake
* Fix comment in no-error-general warnings files.
* Flag cleanup and fix typos
* Add comment
* Correct VAR used to find configure time file
* Set the path correctly
* Update missing release note info.
* Update code owners
* Correct JIRA note
* add known problem.
* Use only core library for testing dynamic plugins.
* Committing clang-format changes
* Update main.yml
* Update HISTORY-1_13.txt
Missing release note added for changed location of CMake configuration files.
* Update HISTORY-1_13.txt
Fix typo
* Update main.yml
revert change
* Updated version to 1.13.4-1 after creating hdf5_1_13_3 branch for 1.13.3
release.
Added new version to exceptions in lines 74-5 of src/H5.c
* Cleared RELEASE.txt entries following HDF5 1.13.3 release.
Co-authored-by: Allen Byrne <byrn@hdfgroup.org>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Allen Byrne <50328838+byrnHDF@users.noreply.github.com>
Co-authored-by: Dana Robinson <43805+derobins@users.noreply.github.com>
|
| |
|
|
|
|
| |
* Updated version to 1.13.4-1 after creating hdf5_1_13_3 branch for 1.13.3
release.
Added new version to exceptions in lines 74-5 of src/H5.c
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* Improve JNI VL datatype read/write to handle complex combinations
* Implement VL of VL JNI writes and reads
* Add Java VLofVL test for attributtes
* Changes to address review issues
* Fix H5Aread vl blocks
|
| | |
|
| |
|
|
|
| |
* Implement option for using CMake GNUInstallDirs
* Add release notes
|
| |
|
|
|
|
|
|
|
|
|
| |
file handles (#2181)
* Fix bug with variable length attributes being accessed through multiple
file handles.
* Committing clang-format changes
Co-authored-by: Neil Fortner <nfortne2@localhost.localdomain>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
| |
* Fix for HDFFV-10840: Instead of using fill->buf for datatype conversion
if it is large enough, a buffer is allocated regardless so that the element
in fill->buf can later be reclaimed.
Valgrind is run on test/set_extent.c and there is no memory leak.
* Add information of this fix to release notes.
Co-authored-by: vchoi <vchoi@jelly.ad.hdfgroup.org>
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
* Update CMake code to 3.18 minimum version
* Updated release note
|
| |
|
| |
* Update HISTORy-1_13.txt and clean RELEASE.txt entries after 1.13.2 release.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix bug in attribute type conversion where the background buffer would
not be initialized with the destination contents when necessary. Other
minor simplification.
* Committing clang-format changes
* Fix warnings.
* Address review comments.
* Add RELEASE.txt note for PR #2016
* Add GitHub number to release note
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
| |
|
|
|
| |
* Add note to RELEASE.txt for HDFFV-11308
* Fix formatting error in RELEASE.txt
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix test failure
Description:
- Added two H5File constructors to open file with non-default fapl
- Added non-default fapl to test functions
- Commented certain renaming attribute tests because of the unexpected
behavior in renaming an attribute (HDFFV-11327)
Platform tested:
Linux/64 (jelly)
* Committing clang-format changes
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
| |
|
|
| |
release.
Added new version to exceptions in line 75 of src/H5.c.
|
| |
|
|
|
|
|
|
| |
release"
This reverts commit c58558e872d529da6eda327183ca2d14cfa91b95.
H5TEST-tcheck_version-release failed.
|
| |
|
|
| |
of HDF5 1.13.2.
|
