summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Check for overflow when calculating on-disk attribute data size (#2459)Egbert Eich2023-03-021-4/+3
| | | | | | | | | | | | | | | | | * Remove duplicate code Signed-off-by: Egbert Eich <eich@suse.com> * Add test case for CVE-2021-37501 Bogus sizes in this test case causes the on-disk data size calculation in H5O__attr_decode() to overflow so that the calculated size becomes 0. This causes the read to overflow and h5dump to segfault. This test case was crafted, the test file was not directly generated by HDF5. Test case from: https://github.com/ST4RF4LL/Something_Found/blob/main/HDF5_v1.13.0_h5dump_heap_overflow.md
* Missing or misplaced entries in API reference tables #2470 (#2472)Allen Byrne2023-03-011-0/+2
| | | | | * Missing or misplaced entries in API reference tables #2470 * Doxy corrections
* Subfiling VFD - add option to specify config file prefix (#2495)jhendersonHDF2023-02-265-18/+165
|
* HDFFV-10368 (OESS-319): Making two useful macros (H5L_EXT_FLAGS_ALL and ↵raylu-hdf2023-02-212-6/+10
| | | | | | | | | | | | | | | | | | | | | H5L_EXT_VERSION) public (#2386) * HDFFV-10368 (OESS-319): Move two useful macros (H5L_EXT_FLAGS_ALL and H5L_EXT_VERSION) from H5Lpkg.h to H5Lpublic.h for public usage. The test in vol.c only envokes H5Lcreate_external using the passthru VOL. To test if the macros are public, one can use them in the link creation of the passthru VOL, such as printing out their values. * Committing clang-format changes * Moved the test for the external link public macros (H5L_EXT_FLAGS_ALL and H5L_EXT_VERSION) from vol.c to links.c. * Committing clang-format changes * Minor change: changed a pointer variable to an integer. * Committing clang-format changes * Moved two macros (H5L_EXT_VERSION and H5L_EXT_FLAGS_ALL) to H5Ldevelop.h for only developers to use. --------- Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* OESS-330/HDFFV-11282: Improve failure message when a VOL connector can't be ↵raylu-hdf2023-02-202-3/+8
| | | | | | | | | | | loaded (#2481) * OESS-330/HDFFV-11282: Improve failure message when a VOL connector can't be loaded. Made the error message clearer when the library can't find a plugin in the path table that contains the paths set by HDF5_PLUGIN_PATH and the default location and maybe set by H5PLxxx functions. * Committing clang-format changes --------- Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* Fix issue with collective metadata writes of global heap data (#2480)jhendersonHDF2023-02-201-0/+8
|
* CMake generated pkg-config file is incorrect #2259 (#2476)Allen Byrne2023-02-171-4/+14
| | | | | | | | | | | | | * CMake generated pkg-config file is incorrect #2259 * Fix fortran pc template * hdf5.pc is incorrect for debug builds #1546 * Correct pkg name and lib name * Fix typo * Fix missing space
* GitHub #2417: to avoid the pass-through VOL failing in unexpected places, ↵raylu-hdf2023-02-171-0/+31
| | | | | | | | | | | make sure the underneath VOL ID is specified. (#2475) * GitHub #2417: to avoid the pass-through VOL failing in unexpected places, make sure the underneath VOL ID is specified. * Committing clang-format changes --------- Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* Fix parallel warnings in H5Dmpio.c (#2457)Dana Robinson2023-02-131-2/+8
| | | | | | | * Mark a parameter as unused when not using a special debug define * Check for a chunk_entry NULL pointer after using HASH_FIND These should be the last parallel warnings so we can start building parallel with -Werror.
* corrected/added note about closing creation property list identifier (#2425)Scot Breitenfeld2023-02-115-19/+20
| | | | | | | * corrected/added note about closing creation property list identifier * removed immaterial \see APIs * added details to H5Literate
* Remove duplicated "help@hdfgroup.org" lines in file headers. (#2441)Larry Knox2023-02-111-1/+0
|
* Add szip/libaec to GitHub CI and fix warnings (#2438)Dana Robinson2023-02-092-10/+16
| | | | | | | | szip (or libaec) is currently not tested in CI. This adds szip to the the Autotools GitHub CI actions on Linux when building with the Autotools. This PR also cleans up a few warnings that remained in the szip- related code so the -Werror check will pass.
* Include shlwapi.h explicitly on Windows (#2407)Mark Kittisopikul2023-01-171-0/+1
| | | | | | | | * Include shlwapi.h explicitly * Add shlwapi library to LINK_LIB when header is detected Looking for StrStrIA in the shlwapi library is not reliable due to stdcall on mingw32.
* Update FORTRAN VOL connector test for external pass-through testing (#2393)Quincey Koziol2023-01-052-1/+3
| | | | | | | | | | | | | | | | | * Correct concurrency bugs when running tests, along with a bugfix & small warning cleanup. * Committing clang-format changes * Allow spaces (and tabs) in VOL connector info string from environment variable. * Parse connector name from HDF5_PLUGIN_PATH environment variable better * Correct H5VLquery_optional to use H5VL routine instead of H5I. Also add an error message to the failure return value from not finding a plugin. Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: AWS ParallelCluster user <ec2-user@ip-10-0-0-65.us-east-2.compute.internal> Co-authored-by: Koziol <qkoziol@88665a374c70.ant.amazon.com>
* Correct VOL connector env string parsing issue (#2350)Quincey Koziol2023-01-041-1/+1
| | | | | | | | | | | | * Correct concurrency bugs when running tests, along with a bugfix & small warning cleanup. * Committing clang-format changes * Allow spaces (and tabs) in VOL connector info string from environment variable. Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: AWS ParallelCluster user <ec2-user@ip-10-0-0-65.us-east-2.compute.internal> Co-authored-by: Koziol <qkoziol@88665a374c70.ant.amazon.com>
* Adds RELEASE.txt notes and updates Doxygen (#2377) (#2379)Dana Robinson2022-12-292-8/+10
|
* Adds Doxygen markup for H5FDdriver_query() (#2376)Dana Robinson2022-12-282-4/+23
|
* Purged references to HDF5 1.13.x from the Doxygen documentation (#2365)Dana Robinson2022-12-2710-38/+30
|
* Adds missing Doxygen for H5ESpublic.h (#2364)Dana Robinson2022-12-271-16/+77
| | | | | | | * Adds missing Doxygen for H5ESpublic.h * Committing clang-format changes Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* HL GIF tools changes (#2360)Dana Robinson2022-12-241-0/+1
| | | | * Fixes the broken Autotools option * Removes the "build HL tools" option
* Adds Doxygen VOL flag markup (#2340)Dana Robinson2022-12-211-55/+63
| | | | | | | | | | | * Initial doxygen markup * Committing clang-format changes * Adds Doxygen comments to VOL flags * Committing clang-format changes Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* Onion VFD header cleanup (#2337)Dana Robinson2022-12-213-112/+85
| | | | | | | | | * Partial work towards cleaning up the onion VFD code * Committing clang-format changes * A few minor tweaks to the onion VFD public header Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* H5F_LIBVER_LATEST changes for move to 1.15 (#2288)Allen Byrne2022-12-2115-13/+30
| | | | | | | | | | | | | | | * H5F_LIBVER_LATEST changes for move to 1.15 * Add new default api check * Format fixes * Fix default configure * fix lib version tests * Fix another version variable * Add 1.14 doc link
* Fix doxygen warnings and remove javadocs (#2324)Allen Byrne2022-12-205-6/+6
| | | | | * Fix doxygen warnings and remove javadocs * fix typo
* Align arg types of H5D_chunk_iter_op_t with H5Dget_chunk_info (#2074)Mark Kittisopikul2022-12-193-11/+11
| | | | | | | * Align arg types of H5D_chunk_iter_op_t with H5Dget_chunk_info * Modify chunk_info test to for unsigned / hsize_t types * Fix types in test
* moved onion VFD to FAPL group (#2321)Scot Breitenfeld2022-12-171-4/+4
|
* Adds 'unused' hints for MDS io_info parameters (#2301)Dana Robinson2022-12-143-18/+17
| | | | | | | | | | | | | | | * Adds 'unused' hints for MDS io_info parameters * Committing clang-format changes * Fix issue with formatter * Committing clang-format changes * Final fix for formatter * Committing clang-format changes Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* added doc. warning for H5Literate_async return value (#2295)Scot Breitenfeld2022-12-141-0/+5
|
* Updated H5ES documenation (#2293)Scot Breitenfeld2022-12-131-5/+5
|
* Fix for HDFFV-11052: h5debug fails on a corrupted file (h5_nrefs_POC)… (#2291)vchoi-hdfgroup2022-12-132-24/+32
| | | | | | | | | | | | | | | | | | | | | | * Fix for HDFFV-11052: h5debug fails on a corrupted file (h5_nrefs_POC) producing a core dump. When h5debug closes the corrupted file, the library calls H5F__dest() which performs all the closing operations for the file "f" (H5F_t *) but just keeping note of errors in "ret_value" all the way till the end of the routine. The user-provided corrupted file has an illegal file size causing failure when reading the image during the closing process. At the end of this routine it sets f->shared to NULL and then frees "f". This is done whether there is error or not in "ret_value". Due to the failure in reading the file earlier, the routine then returns error. The error return from H5F__dest() causes the file object "f" not being removed from the ID node table. When the library finally exits, it will try to close the file objects in the table. This causes assert failure when H5F_ID_EXISTS(f) or H5F_NREFS(f). Fix: a) H5F_dest(): free the f only when there is no error in "ret_value" at the end of the routine. b) H5VL__native_file_close(): if f->shared is NULL, free "f"; otherwise, perform closing on "f" as before. c) h5debug.c main(): track error return from H5Fclose(). * Committing clang-format changes Co-authored-by: vchoi <vchoi@jelly.ad.hdfgroup.org> Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* added doc. warning for H5Oflush in parallel (#2289)Scot Breitenfeld2022-12-101-0/+3
|
* Check for size==0 for all datatypes read from disk, not just compound (#2287)Neil Fortner2022-12-081-9/+5
| | | members
* Compound datatypes may not have members of size 0 (#2243)Egbert Eich2022-12-071-55/+100
| | | | | | | | | | | | | | | | | | | | | | * Compound datatypes may not have members of size 0 A member size of 0 may lead to an FPE later on as reported in CVE-2021-46244. To avoid this, check for this as soon as the member is decoded. This should probably be done in H5O_dtype_decode_helper() already, however it is not clear whether all sizes are expected to be != 0. This fixes CVE-2021-46244 / Bug #2242. Signed-off-by: Egbert Eich <eich@suse.com> * Rework error recovery code in H5O__dtype_decode_helper() and H5O__dtype_decode(). * Format changes for src/H5Odtype.c. Signed-off-by: Egbert Eich <eich@suse.com> Co-authored-by: Neil Fortner <nfortne2@hdfgroup.org> Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
* Fixes warnings in H5Opline.c error messages (#2281)Dana Robinson2022-12-061-3/+5
| | | | | | | * Fixes warnings in H5Opline.c error messages * Committing clang-format changes Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* H5E_ERR_CLS_g symbol missing when compiling C++ plugins (#2269)V. Armando Solé2022-12-061-0/+7
| | | | C++ HDF5 filter plugin SZ3 fails to build under windows with failure at linking time unless that extern "C" block is added.
* return error message related to calling API (#2276)Scot Breitenfeld2022-12-021-2/+2
|
* CVE 2021 46242 develop (#2255)Egbert Eich2022-12-021-2/+6
| | | | | | | | | | | | | | | | | | | | | | * When evicting driver info block, NULL the corresponding entry Since H5C_expunge_entry() called (from H5AC_expunge_entry()) sets the flag H5C__FLUSH_INVALIDATE_FLAG, the driver info block will be freed. NULLing the pointer in f->shared->drvinfo will prevent use-after-free when it is used in other functions (like H5F__dest()) - as other places will check whether the pointer is initialized before using its value. This fixes CVE-2021-46242 / Bug #2254 Signed-off-by: Egbert Eich <eich@suse.com> * When evicting the superblock, NULL the corresponding entry The call to H5AC_expunge_entry() will free the corresonding structure, to avoid a use-after-free, the corrsponding pointer entry will be NULLed. Signed-off-by: Egbert Eich <eich@suse.com> Signed-off-by: Egbert Eich <eich@suse.com>
* Report error if dimensions of chunked storage in data layout < 2 (#2241)Egbert Eich2022-12-021-0/+4
| | | | | | | | | | | | | | | | For Data Layout Messages version 1 & 2 the specification state that the value stored in the data field is 1 greater than the number of dimensions in the dataspace. For version 3 this is not explicitly stated but the implementation suggests it to be the case. Thus the set value needs to be at least 2. For dimensionality < 2 an out-of-bounds access occurs as in CVE-2021-45833. This fixes CVE-2021-45833 / Bug #2240. Signed-off-by: Egbert Eich <eich@suse.com> Signed-off-by: Egbert Eich <eich@suse.com> Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
* Bug Fix: Segfault in H5CX_get_vol_wrap_ctx when H5VLwrap_register is called ↵raylu-hdf2022-11-172-2/+35
| | | | | | | | | | | | | | | | from an application (#2248) * Jira HDFFV-10881: Segfault in H5CX_get_vol_wrap_ctx when H5VLwrap_register is called from an application. A quick and simple fix to make it fail with a relevant error message. * Format changes. * Committing clang-format changes * Minor change: split one condition check into two for clarity. * Adding doxygen comment for H5VLwrap_register. * Minor change: adding a little more detail to the Doxygen comment for H5VLwrap_register.
* H5O_dtype_decode_helper: Parent of enum needs to have same size as enum ↵Egbert Eich2022-11-111-0/+2
| | | | | | | | | | | | | | itself (#2237) The size of the enumeration values is determined by the size of the parent. Functions accessing the enumeration values use the size of the enumeration to determine the size of each element and how much data to copy. Thus the size of the enumeration and its parent need to match. Check here to avoid unpleasant surprises later. This fixes CVE-2018-14031 / Bug #2236. Signed-off-by: Egbert Eich <eich@suse.com>
* Make sure info block for external links has at least 3 bytes (#2234)Egbert Eich2022-11-111-0/+2
| | | | | | | | | | | | According to the specification, the information block for external links contains 1 byte of version/flag information and two 0 terminated strings for the object linked to and the full path. Although not very useful, the minimum string length for each (with terminating 0) would be one byte. Checking this will help to avoid SEGVs triggered by bogus files. This fixes CVE-2018-16438 / Bug #2233. Signed-off-by: Egbert Eich <eich@suse.com>
* Validate location (offset) of the accumulated metadata when comparing (#2231)Egbert Eich2022-11-111-7/+9
| | | | | | | | | | | | | | | Initially, the accumulated metadata location is initialized to HADDR_UNDEF - the highest available address. Bogus input files may provide a location or size matching this value. Comparing this address against such bogus values may provide false positives. This make sure, the value has been initilized or fail the comparison early and let other parts of the code deal with the bogus address/size. Note: To avoid unnecessary checks, we have assumed that if the 'dirty' member in the same structure is true the location is valid. This fixes CVE-2018-13867 / Bug #2230. Signed-off-by: Egbert Eich <eich@suse.com>
* Make H5O__fsinfo_decode() more resilient to out-of-bound reads. (#2229)Egbert Eich2022-11-111-3/+13
| | | | | | | | | | | | | | | | When decoding a file space info message in H5O__fsinfo_decode() make sure each element to be decoded is still within the message. Malformed hdf5 files may have trunkated content which does not match the expected size. Checking this will prevent attempting to decode unrelated data and heap overflows. So far, only free space manager address data was checked before decoding. This fixes CVE-2021-45830 / Bug #2228. Signed-off-by: Egbert Eich <eich@suse.com> Additions Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
* Removes MPE instrumentation support. (#2245)Dana Robinson2022-11-093-114/+4
| | | | | | | | | | | * Removes MPE instrumentation support. The Autotools will no longer accept --with-mpe= and the logging commands have been removed from the FUNC_ENTER macros. CMake has never supported instrumenting for MPE. * Committing clang-format changes Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* H5O__pline_decode() Make more resilient to out-of-bounds read (#2210)Egbert Eich2022-11-092-2/+18
| | | | | | | | | | | | | Malformed hdf5 files may have trunkated content which does not match the expected size. When this function attempts to decode these it may read past the end of the allocated space leading to heap overflows as bounds checking is incomplete. Make sure each element is within bounds before reading. This fixes CVE-2019-8396 / HDFFV-10712 / github bug #2209. Signed-off-by: Egbert Eich <eich@suse.com> Signed-off-by: Egbert Eich <eich@suse.com>
* Removes dmalloc support (#2239)Dana Robinson2022-11-092-8/+0
| | | | | | | | | | This has not been used to debug the library in a very long time. Most developers use valgrind, -fsanitize=address, or some other memory checker instead of this library. This removes: * dmalloc.h include from H5private.h * --with-dmalloc= Autotools configure option * HDF5_ENABLE_USING_DMALLOC CMake option
* Removes the memory allocation sanity checks feature (#2218)Dana Robinson2022-11-038-534/+22
| | | | | | | | | | | | | | | * Removes the memory allocation sanity checks feature * Committing clang-format changes * Removes zero size checks for H5MM_(c|m)alloc() * Explicitly return NULL when size == 0 in H5allocate_memory() * Committing clang-format changes * Format fix Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* correct H5Ropen_object_reference (#2212)Scot Breitenfeld2022-11-031-1/+1
|
* Fixed a Doxygen param in H5EScancel (#2213)Dana Robinson2022-11-031-1/+1
|
* Use ctest_test and APPEND to correctly report passed and failed test numbers ↵Larry Knox2022-11-021-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | in CDash (#2208) * Change how HPC tests are executed * Move ctest_test commands for serial and parallel tests into cmake files. * Update checks for uploading Test.xml to CDash. * Correct cmake scripots. * Remove extraneous characters. * Add ctest_start (APPEND). * Add binary directories to scripts running ctest_test. * Correct parameters for appending Test.xml. * Set CTEST_SITE and CTEST_BUILD_NAME. * Try to pass site and build_name to ctest_test sripts. * Add site name and build name for ctest_test commands vi environment. * Revert "Try to pass site and build_name to ctest_test sripts." This reverts commit d364aaf0fa65ee7f9e222b2633ee916d50afbc42. * Correct typo in src/CMakeLists.txt. * Update batch scripts to run ctest_test scripts. Co-authored-by: Allen Byrne <byrn@hdfgroup.org>