| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
| |
(#2679) (#2728)
|
|
|
|
| |
(#2725)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix for github issue #2599:
As indicated in the description, memory leak is detected when running "./h5dump pov".
The problem is: when calling H5O__add_cont_msg() from H5O__chunk_deserialize(),
memory is allocated for cont_msg_info->msgs. Eventually, when the library tries to load
the continuation message via H5AC_protect() in H5O_protect(), error is
encountered due to illegal info in the continuation message.
Due to the error, H5O_protect() exits but the memory allocated for cont_msg_info->msgs is not freed.
When we figure out how to handle fuzzed files that we didn't generate,
a test needs to be added to run h5dump with the provided "pov" file.
* Add message to release notes for the fix to github issue #2599.
|
|
|
|
|
| |
* Avoid suppressing error output for non-tentative file opens
* Update comment about tentative file opens
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Convert asserts to error handling in efl decode
The function that decodes external data files object header messages
would call assert() when parsing malformed files, causing applications
to crash when linked against the debug library.
This change converts these assert() calls to HDF5 error checks, so
the messages are sanity checked in both release and debug mode and
debug mode no longer crashes applications.
Also cleaned up some error handling usage and debug checks.
* Free memory on H5O efl decode errors
* Add buffer size checks to efl msg decode
* Add parentheses to math expressions
Fixes GitHub #2605
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Enclose MESG in do...while loop (#2576)
Enclose MSG macro in a do...while loop
* Add a clang-format comment about permissions (#2577)
* Remove an obsolete comment from the MDS test (#2578)
The seed is now broadcast from rank 0, so the warning about multiple
machines having different seeds is unnecessary.
* Subfiling VFD - fix issues with I/O concentrator selection strategies (#2571)
Fix multiple bugs with the SELECT_IOC_EVERY_NTH_RANK and
SELECT_IOC_TOTAL I/O concentrator selection strategies and add a
regression test for them
* Check for overflow when calculating on-disk attribute data size (#2459)
* Remove duplicate code
Signed-off-by: Egbert Eich <eich@suse.com>
* Add test case for CVE-2021-37501
Bogus sizes in this test case causes the on-disk data size
calculation in H5O__attr_decode() to overflow so that the
calculated size becomes 0. This causes the read to overflow
and h5dump to segfault.
This test case was crafted, the test file was not directly
generated by HDF5.
Test case from:
https://github.com/ST4RF4LL/Something_Found/blob/main/HDF5_v1.13.0_h5dump_heap_overflow.md
---------
Co-authored-by: glennsong09 <43005495+glennsong09@users.noreply.github.com>
Co-authored-by: Dana Robinson <43805+derobins@users.noreply.github.com>
Co-authored-by: jhendersonHDF <jhenderson@hdfgroup.org>
Co-authored-by: Egbert Eich <eich@suse.com>
|
|
|
|
|
|
|
|
| |
(#2571) (#2618)
Fix multiple bugs with the SELECT_IOC_EVERY_NTH_RANK and
SELECT_IOC_TOTAL I/O concentrator selection strategies and add a
regression test for them
|
| |
|
| |
|
|
|
|
| |
Co-authored-by: Mark (he/his) C. Miller <miller86@llnl.gov>
Co-authored-by: Dana Robinson <43805+derobins@users.noreply.github.com>
|
| |
|
|
|
| |
Co-authored-by: H. Joe Lee <hyoklee@hdfgroup.org>
|
|
|
|
|
|
|
| |
(#2512) (#2566)
Forward port of 9f252f1 from #2329
Co-authored-by: Mark Kittisopikul <mkitti@users.noreply.github.com>
|
|
|
|
|
|
|
| |
* Fix new codespell issues
* Have codespell ignore ./config/sanitizer/sanitizers.cmake
Co-authored-by: Mark Kittisopikul <mkitti@users.noreply.github.com>
|
|
|
|
|
| |
* Merge doxygen plist tables changes from develop
* Doxy corrections
|
| |
|
|
|
|
|
|
|
| |
* Merge Correct pkgconfig variables and libraries #290
* Fix typo
* Fix spacing
|
|
|
|
|
|
|
|
|
| |
* Correct VERS compatible
* Remove FAIL check in CMake test
* Remove unnecessary value in vers array
* revert empty list
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Initial doxygen markup
* Committing clang-format changes
* Adds Doxygen comments to VOL flags
* Committing clang-format changes
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
|
|
| |
* Partial work towards cleaning up the onion VFD code
* Committing clang-format changes
* A few minor tweaks to the onion VFD public header
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix some doxygen warnings
* Remove javadocs
* Fix spelling
* Fix section format
* Correct doxygen function name
* Remove duplicate
Co-authored-by: Dana Robinson <43805+derobins@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
b9244a85d9f1cc5e9bbec61ca73c0cbd9c4cf249 Align arg types of H5D_chunk_iter_op_t with H5Dget_chunk_info (#2074)
70cf2c390bc2eef8e57f8fa023341011e2d02d9d Removed idioms and misc. text clean-up (#2320)
8102fa8c972bdc0d8fd8f3dae604e070893150d6 Only document Fortran functions (#2319)
784061b15e176b9919c19a220ce278a9f4cddf0e moved onion VFD to FAPL group (#2321)
6b6bcdead66f0456ac0528683faac6a8e48b6565 Hdffv 11052 (#2315)
10c693a04ff0c4a5219879d7f8900157dcbece66 Update hdf5_header.html
0cb58080875070db09b5ecae92482519d58872bc Hdffv 11052 (#2303)
a1c81eda203addced514ef655f7a9079f3f0bb04 added doc. warning for H5Literate_async return value (#2295)
502b32b0f22a4bcf6333c85c256db34162c2764a Updated H5ES documenation (#2293)
a9036005c3916e6fda0296026323f00d043300f8 Fix for HDFFV-11052: h5debug fails on a corrupted file (h5_nrefs_POC)… (#2291)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Adds 'unused' hints for MDS io_info parameters
* Committing clang-format changes
* Fix issue with formatter
* Committing clang-format changes
* Final fix for formatter
* Committing clang-format changes
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
|
|
| |
hdf5_1-14_0 branch for 1.14.0 release.
|
| |
|
|
|
| |
members
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Compound datatypes may not have members of size 0
A member size of 0 may lead to an FPE later on as reported in
CVE-2021-46244. To avoid this, check for this as soon as the
member is decoded.
This should probably be done in H5O_dtype_decode_helper() already,
however it is not clear whether all sizes are expected to be != 0.
This fixes CVE-2021-46244 / Bug #2242.
Signed-off-by: Egbert Eich <eich@suse.com>
* Rework error recovery code in H5O__dtype_decode_helper() and
H5O__dtype_decode().
* Format changes for src/H5Odtype.c.
Signed-off-by: Egbert Eich <eich@suse.com>
Co-authored-by: Neil Fortner <nfortne2@hdfgroup.org>
Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
|
|
|
|
|
|
|
| |
* Fixes warnings in H5Opline.c error messages
* Committing clang-format changes
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
|
|
|
| |
C++ HDF5 filter plugin SZ3 fails to build under windows with failure at linking time unless that extern "C" block is added.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* When evicting driver info block, NULL the corresponding entry
Since H5C_expunge_entry() called (from H5AC_expunge_entry()) sets the flag
H5C__FLUSH_INVALIDATE_FLAG, the driver info block will be freed. NULLing the
pointer in f->shared->drvinfo will prevent use-after-free when it is used in other
functions (like H5F__dest()) - as other places will check whether the pointer is
initialized before using its value.
This fixes CVE-2021-46242 / Bug #2254
Signed-off-by: Egbert Eich <eich@suse.com>
* When evicting the superblock, NULL the corresponding entry
The call to H5AC_expunge_entry() will free the corresonding structure,
to avoid a use-after-free, the corrsponding pointer entry will be NULLed.
Signed-off-by: Egbert Eich <eich@suse.com>
Signed-off-by: Egbert Eich <eich@suse.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For Data Layout Messages version 1 & 2 the specification state
that the value stored in the data field is 1 greater than the
number of dimensions in the dataspace. For version 3 this is
not explicitly stated but the implementation suggests it to be
the case.
Thus the set value needs to be at least 2. For dimensionality
< 2 an out-of-bounds access occurs as in CVE-2021-45833.
This fixes CVE-2021-45833 / Bug #2240.
Signed-off-by: Egbert Eich <eich@suse.com>
Signed-off-by: Egbert Eich <eich@suse.com>
Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
from an application (#2248)
* Jira HDFFV-10881: Segfault in H5CX_get_vol_wrap_ctx when H5VLwrap_register is called from an application. A quick and simple fix to make it fail with a relevant error message.
* Format changes.
* Committing clang-format changes
* Minor change: split one condition check into two for clarity.
* Adding doxygen comment for H5VLwrap_register.
* Minor change: adding a little more detail to the Doxygen comment for H5VLwrap_register.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
itself (#2237)
The size of the enumeration values is determined by the size of the parent.
Functions accessing the enumeration values use the size of the enumeration
to determine the size of each element and how much data to copy. Thus the
size of the enumeration and its parent need to match.
Check here to avoid unpleasant surprises later.
This fixes CVE-2018-14031 / Bug #2236.
Signed-off-by: Egbert Eich <eich@suse.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
According to the specification, the information block for external links
contains 1 byte of version/flag information and two 0 terminated strings
for the object linked to and the full path.
Although not very useful, the minimum string length for each (with
terminating 0) would be one byte.
Checking this will help to avoid SEGVs triggered by bogus files.
This fixes CVE-2018-16438 / Bug #2233.
Signed-off-by: Egbert Eich <eich@suse.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Initially, the accumulated metadata location is initialized to HADDR_UNDEF
- the highest available address. Bogus input files may provide a location
or size matching this value. Comparing this address against such bogus
values may provide false positives. This make sure, the value has been
initilized or fail the comparison early and let other parts of the
code deal with the bogus address/size.
Note: To avoid unnecessary checks, we have assumed that if the 'dirty'
member in the same structure is true the location is valid.
This fixes CVE-2018-13867 / Bug #2230.
Signed-off-by: Egbert Eich <eich@suse.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When decoding a file space info message in H5O__fsinfo_decode() make
sure each element to be decoded is still within the message. Malformed
hdf5 files may have trunkated content which does not match the
expected size. Checking this will prevent attempting to decode
unrelated data and heap overflows. So far, only free space manager
address data was checked before decoding.
This fixes CVE-2021-45830 / Bug #2228.
Signed-off-by: Egbert Eich <eich@suse.com>
Additions
Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
|
|
|
|
|
|
|
|
|
|
|
| |
* Removes MPE instrumentation support.
The Autotools will no longer accept --with-mpe= and the logging commands
have been removed from the FUNC_ENTER macros. CMake has never supported
instrumenting for MPE.
* Committing clang-format changes
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Malformed hdf5 files may have trunkated content which does not match
the expected size. When this function attempts to decode these it may
read past the end of the allocated space leading to heap overflows
as bounds checking is incomplete.
Make sure each element is within bounds before reading.
This fixes CVE-2019-8396 / HDFFV-10712 / github bug #2209.
Signed-off-by: Egbert Eich <eich@suse.com>
Signed-off-by: Egbert Eich <eich@suse.com>
|
|
|
|
|
|
|
|
|
|
| |
This has not been used to debug the library in a very long time. Most
developers use valgrind, -fsanitize=address, or some other memory checker
instead of this library.
This removes:
* dmalloc.h include from H5private.h
* --with-dmalloc= Autotools configure option
* HDF5_ENABLE_USING_DMALLOC CMake option
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Removes the memory allocation sanity checks feature
* Committing clang-format changes
* Removes zero size checks for H5MM_(c|m)alloc()
* Explicitly return NULL when size == 0 in H5allocate_memory()
* Committing clang-format changes
* Format fix
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
in CDash (#2208)
* Change how HPC tests are executed
* Move ctest_test commands for serial and parallel tests into cmake files.
* Update checks for uploading Test.xml to CDash.
* Correct cmake scripots.
* Remove extraneous characters.
* Add ctest_start (APPEND).
* Add binary directories to scripts running ctest_test.
* Correct parameters for appending Test.xml.
* Set CTEST_SITE and CTEST_BUILD_NAME.
* Try to pass site and build_name to ctest_test sripts.
* Add site name and build name for ctest_test commands vi environment.
* Revert "Try to pass site and build_name to ctest_test sripts."
This reverts commit d364aaf0fa65ee7f9e222b2633ee916d50afbc42.
* Correct typo in src/CMakeLists.txt.
* Update batch scripts to run ctest_test scripts.
Co-authored-by: Allen Byrne <byrn@hdfgroup.org>
|