summaryrefslogtreecommitdiffstats
path: root/release_docs
Commit message (Collapse)AuthorAgeFilesLines
* Fix CVE-2016-4332 (#3451)Dana Robinson2023-08-311-0/+12
|
* Reverts the CVE fixes (#3448)Dana Robinson2023-08-301-26/+0
| | | | | These fixes introduce a difficult-to-reproduce Java test failure so this will be reverted while we investigate. Individual CVE fixes will instead be introduced one at a time.
* Correct GIF option notes (#3443)Allen Byrne2023-08-291-3/+2
|
* 10 CVE fixes (#3440)Dana Robinson2023-08-291-0/+26
| | | | | | | | | | | | | * Fix for CVE-2018-15671 * Fix CVE-2016-4332 * Fix CVE-2018-11202 * Fix CVE-2018-11205 * Fix CVE-2018-13866 * Fix CVE-2018-13867 and CVE-2018-13871
* Misc normalization with develop (#3436)Dana Robinson2023-08-263-6/+6
| | | Mostly .github and config directories
* Fix loading plugin fails with missing directory GH issue #3248 (#3325)Allen Byrne2023-08-021-1/+6
|
* Various merges from develop (#3135)Allen Byrne2023-06-191-4/+16
| | | | | | | | | * Merges from develop/1.14 * Fix doxygen warnings * Fix spelling * Fix doxygen ref * Add braces * Fix format * Remove unused file
* Update actions and change defaults of compression (fix vars) (#3044)Allen Byrne2023-06-062-74/+97
|
* Add DT workflows and update windows preset (#2967)Allen Byrne2023-05-212-4/+106
| | | | | * Add DT workflows and update windows preset * Stagger check time
* Fix CMake generator expression syntax (#2941)Allen Byrne2023-05-121-1/+12
|
* New 1 10 hdffv 11052 (#2932)vchoi-hdfgroup2023-05-111-0/+19
| | | | | | | | | | | | | | | | | | Fix for HDFFV-11052: h5debug fails on a corrupted file (h5_nrefs_POC) producing a core dump. When h5debug closes the corrupted file, the library calls H5F__dest() which performs all the closing operations for the file "f" (H5F_t *) but just keeping note of errors in "ret_value" all the way till the end of the routine. The user-provided corrupted file has an illegal file size causing failure when reading the image during the closing process. At the end of this routine it sets f->shared to NULL and then frees "f". This is done whether there is error or not in "ret_value". Due to the failure in reading the file earlier, the routine then returns error. The error return from H5F__dest() causes the file object "f" not being removed from the ID node table. When the library finally exits, it will try to close the file objects in the table. This causes assertion failure for f->file_id > 0. Fix: a) H5F_dest(): free the f only when there is no error in "ret_value" at the end of the routine. b) H5F__close_cb(): if f->shared is NULL, free "f"; otherwise, perform closing on "f" as before. c) h5debug.c main(): track error return from H5Fclose().
* Clean up memory allocated when reading messages in H5Dlayout on error (#2813)glennsong092023-04-301-0/+10
|
* Add no subsets option to h5diff like h5dump (#2761)Allen Byrne2023-04-301-1/+6
|
* Fix v1 object header gap bug in H5Ocopy (#2785) (#2834)jhendersonHDF2023-04-301-0/+12
|
* Fixed GH-2603, heap-buffer-overflow in H5O__linfo_decode (#2758)bmribler2023-04-181-0/+9
| | | | Verified with valgrind -v --tool=memcheck --leak-check=full h5dump POV-GH-2603 The several invalid reads shown originally are now gone.
* Remove author and date from RELEASE.txt entries (#2753)Dana Robinson2023-04-161-6/+3
|
* Add buffer overrun checks to H5O__layout_decode and H5O__sdspace_decode ↵jhendersonHDF2023-04-151-1/+9
| | | | (#2679) (#2730)
* Fix a heap buffer overflow during H5D__compact_readvv (GitHub #2606) (#2664) ↵jhendersonHDF2023-04-151-0/+19
| | | | (#2727)
* H5O__pline_decode() Make more resilient to out-of-bounds read (#2210) (#2734)jhendersonHDF2023-04-151-0/+10
| | | | | | | | | Malformed hdf5 files may have trunkated content which does not match the expected size. When this function attempts to decode these it may read past the end of the allocated space leading to heap overflows as bounds checking is incomplete. Make sure each element is within bounds before reading. This fixes CVE-2019-8396 / HDFFV-10712 / github bug #2209.
* Fix for github issue #2599: (#2665) (#2736)vchoi-hdfgroup2023-04-141-2/+14
| | | | | | | | | | | | As indicated in the description, memory leak is detected when running "./h5dump pov". The problem is: when calling H5O__add_cont_msg() from H5O__chunk_deserialize(), memory is allocated for cont_msg_info->msgs. Eventually, when the library tries to load the continuation message via H5AC_protect() in H5O_protect(), error is encountered due to illegal info in the continuation message. Due to the error, H5O_protect() exits but the memory allocated for cont_msg_info->msgs is not freed. When we figure out how to handle fuzzed files that we didn't generate, a test needs to be added to run h5dump with the provided "pov" file.
* CMake - Match Autotools behavior for library instrumentation (#2648) (#2672)jhendersonHDF2023-04-081-1/+8
|
* Update HDF5 version after 1.10.10 release. (#2681)Larry Knox2023-04-072-284/+1151
| | | | | | | | * Update HDF5 version after 1.10.10 release. Update so numbers to match 1.10.10 release so numbers. Update HISTORY-1_10.txt. Clean RELEASE.txt entries. * Missed one version change.
* Revert the removal of HDF5GroupInfo class and deprecate. (#2636)Allen Byrne2023-03-271-0/+8
| | | | | | | | | * Revert the removal of HDF5GroupInfo class and deprecate. * revert H5_QUARTER_HADDR_MAX removal --------- Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* Undo revert 2615 (#2638)Larry Knox2023-03-271-1/+0
| | | | | | * Revert "1 10 revert 2615 (#2629)" This reverts commit 43e4e64d886e9072a6075c6369e84c0e273fa44f.
* 1 10 revert 2615 (#2629)Larry Knox2023-03-241-1/+2
| | | Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* Fix a memory corruption issue in H5S__point_project_simple (#2627)jhendersonHDF2023-03-241-0/+14
|
* Remove perf tool and standalone h5perf builds (#2619)Dana Robinson2023-03-211-4/+24
| | | | | | | | The small perf tool conflicts with the standard perf tool and is being removed from all HDF5 releases. Building h5perf in "standalone" mode (i.e., independently of the library) has been broken for some time, so the build code for that has also been removed.
* Add Option to not build gif tools and remove javadoc option (#2611)Allen Byrne2023-03-202-0/+19
| | | | | | | * Add Option to not build gif tools and remove javadoc option * Remove old option * Fix CMake command format
* Add missing items for hpc/scripts and release versions of extra (#2616)Allen Byrne2023-03-203-6/+11
| | | | | | | | | * Add missing items for hpc/scripts and release versions of extra * Update examples project version * Add VS2022 options to build scripts * And VS2022 added to windefs comment
* Gather latest CMake changes from develop (#2609)Allen Byrne2023-03-202-12/+16
| | | | Add HDF5_SRC_INCLUDE_DIRS variable cleanup cmake comments and documentation
* Remove version specific examples from README_HPC. (#2613)Larry Knox2023-03-201-14/+10
|
* Removes dmalloc support (#2239) (#2587)Dana Robinson2023-03-181-1/+14
| | | | | | | | | | This has not been used to debug the library in a very long time. Most developers use valgrind, -fsanitize=address, or some other memory checker instead of this library. This removes: * dmalloc.h include from H5private.h * --with-dmalloc= Autotools configure option * HDF5_ENABLE_USING_DMALLOC CMake option
* Use new scheme in release_docs (#2585)Dana Robinson2023-03-184-14439/+127
| | | | | * Add README.md and NEWSLETTER.txt files * Remove HISTORY-1_8.txt * Rename HISTORY-1_0-1_8_0_rc3.txt to HISTORY-1_0-1_8_0.txt
* Allow parallel thread-safe builds (#2584)Dana Robinson2023-03-181-0/+9
| | | | | | | | * Allow parallel + thread-safe builds No longer require the "enable unsupported" option to build this configuration in CMake and the Autotools. * Add a release note for parallel thread-safety
* Minor merges to 1.10 (#2579)Larry Knox2023-03-181-0/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Elaborate how cd_values get stored (#2522) * Enclose MESG in do...while loop (#2576) Enclose MSG macro in a do...while loop * Add a clang-format comment about permissions (#2577) * Check for overflow when calculating on-disk attribute data size (#2459) * Remove duplicate code Signed-off-by: Egbert Eich <eich@suse.com> * Add test case for CVE-2021-37501 Bogus sizes in this test case causes the on-disk data size calculation in H5O__attr_decode() to overflow so that the calculated size becomes 0. This causes the read to overflow and h5dump to segfault. This test case was crafted, the test file was not directly generated by HDF5. Test case from: https://github.com/ST4RF4LL/Something_Found/blob/main/HDF5_v1.13.0_h5dump_heap_overflow.md --------- Co-authored-by: Mark (he/his) C. Miller <miller86@llnl.gov> Co-authored-by: glennsong09 <43005495+glennsong09@users.noreply.github.com> Co-authored-by: Dana Robinson <43805+derobins@users.noreply.github.com> Co-authored-by: Egbert Eich <eich@suse.com>
* Update cross compile checks and files #2497 (#2567)Allen Byrne2023-03-171-0/+81
|
* Change libaec URL to actively maintained repo GH#2552 (#2562)Allen Byrne2023-03-171-3/+3
|
* 1.10 Add fetchcontent for compression libs and fix cmake config #2487 (#2494)Allen Byrne2023-02-222-5/+68
| | | | | * Add fetchcontent for compression libs and fix cmake config #2487 * Add CI test for FetchContent
* 1.10 Merge Merge CMake generated pkg-config file is incorrect #2259 (#2479)Allen Byrne2023-02-171-0/+13
| | | | | * Merge Merge CMake generated pkg-config file is incorrect #2259 * Fix spacing
* 1.10: Add spelling check to CI and fix errors. (#2442)Allen Byrne2023-02-162-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Update CI and support files to match latest from 1.14 * Correct spelling * More spelling corrections * spelling fixes in testpar * Fix spelling errors in tools * More tools spelling fixes * Spelling fixes for rest of tools and some src * Fix spelling errors in src files, pt 2 * Fix spelling in src pt3 * Fix spelling errors pt4 * Fix spelling errors pt5 * Spelling fix pt6 * fix spelling error examples * fix spelling in tests * fix spelling errors in test pt2 * Fix spelling errors in test pt3 * fix spelling in test pt4 * Fix spelling errors in hl * fix spelling errors in c++ * Spelling fixes for fortran * spelling fixes for bin and java * Add relative path * Change spelling action to use a file for list of ignore words * Fix spelling ignore list * remove unused file
* Fix for HDFFV-10840: Instead of using fill->buf for datatype conversion ↵vchoi-hdfgroup2023-02-131-0/+13
| | | | | | | | | | (#2153) (#2278) * Fix for HDFFV-10840: Instead of using fill->buf for datatype conversion if it is large enough, a buffer is allocated regardless so that the element in fill->buf can later be reclaimed. Valgrind is run on test/set_extent.c and there is no memory leak. * Add information of this fix to release notes.
* 1.10 Correct requires setting for pkgconfig files #2280 (#2284)Allen Byrne2023-02-131-0/+8
| | | | | --------- Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
* 1.10 h5repack should only print if verbose (#2275)Allen Byrne2023-02-131-1/+6
| | | | | --------- Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
* Merge #2198 CMake MPI link (#2216)Allen Byrne2022-11-051-1/+7
|
* 1.10 Merge HDFGroup#2175 Implement option for using CMake GNUInstallDirs (#2222)Allen Byrne2022-11-052-1/+28
|
* Fix problem with variable length attributes being accessed through multiple ↵Neil Fortner2022-11-051-0/+10
| | | | | | | file handles (merge to 1.10) (#2223) * Fix problem with variable length attributes being accessed through multiple file handles (#2181) (#2207) * Fix bug in merge of vlen attr fix (#2181) from 1.12
* Fixed an issue that could occur when combining hyperslab selections (#2122) ↵Neil Fortner2022-10-051-0/+7
| | | | (#2138) (#2142)
* Update examples reference to single-source version 2.0.1 (#2109)Allen Byrne2022-10-012-8/+8
| | | Also fix github URL refs
* Main Getting Started page and the three HDF Resources have pages. (#2092)Allen Byrne2022-09-091-1/+3
| | | | | | | | HDFView is still under construction, but mostly there. Merge the Fortran doxygen changes from develop PR, updated RM index. Adjusted references to UG and created some TODOs for missing UG modules Some may just need a reference back to a section of the user guide. Made some Fortran doxygen changes for overall consistency.
* Fix bug in attribute type conversion wiith compound types - merge to 1.10 ↵Neil Fortner2022-09-091-0/+9
| | | | (#2069)
generated by cgit v0.12 at 2024-07-05 03:59:55 (GMT)