| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
* Hardens v1 B-tree deserialize function
* Harden the H5HL deserialize functionality
|
| |
|
|
| |
* Adds bounds checking to H5Odtype.c
* Minor tidy of dtypes test
|
| |
|
|
|
| |
* Add buffer bounds checks
* Convert asserts to real error handling to better detect broken files
* General cleanup
|
| | |
|
| |
|
|
|
| |
Adds:
* Bounds checks on buffer access
* Better memory cleanup
|
| |
|
|
| |
* Add bounds checking
* Add memory cleanup
|
| | |
|
| |
|
|
| |
* Use the H5_IS_BUFFER_OVERFLOW macro
* Attempt to close local heap on errors if left open
|
| | |
|
| | |
|
| |
|
|
| |
* Check buffer bounds
* Clean up memory on errors
|
| |
|
|
| |
Adds bounds checking on the buffer in the attribute info message's
decode function (H5O__ainfo_decode).
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
Malformed object header continuation messages can result in a too-small
buffer being passed to the decode function, which could lead to reading
past the end of the buffer. Additionally, errors in processing these
malformed messages can lead to allocated memory not being cleaned up.
This fix adds bounds checking and cleanup code to the object header
continuation message processing.
Fixes #2604
|
| |
|
| |
* More cache macro parameter consistency
|
| |
|
| |
* Pass failure value consistently to all macro errors
|
| |
|
|
|
|
| |
* Move cache image stats macros to cache image source file
* Disable formatting on the macros
|
| |
|
| |
* Make cache macro parameter names more consistent
|
| | |
|
| |
|
|
|
|
| |
* Fixed GH-2603, heap-buffer-overflow in H5O__linfo_decode
Verified with valgrind -v --tool=memcheck --leak-check=full h5dump POV-GH-2603
The several invalid reads shown originally are now gone.
|
| |
|
| |
* Remove unused macros
|
| |
|
| |
* Remove dead code for H5C__SLIST_OPT_ENABLED
|
| |
|
| |
* Refactor H5C__entry_in_skip_list to package scope
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Correct concurrency bugs when running tests, along with a bugfix & small
warning cleanup.
* Committing clang-format changes
* Allow spaces (and tabs) in VOL connector info string from environment variable.
* Parse connector name from HDF5_PLUGIN_PATH environment variable better
* Correct H5VLquery_optional to use H5VL routine instead of H5I. Also add an
error message to the failure return value from not finding a plugin.
* Play nice with existing plugin paths
* Use API routine to determine if native connector is terminal.
* Committing clang-format changes
* Make string size larger, to allow for connectors with longer names.
* Be more flexible about testing external pass through connectors, especially if
they have registered new optional operations.
* Make cache validation routines package local
---------
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: AWS ParallelCluster user <ec2-user@ip-10-0-0-65.us-east-2.compute.internal>
Co-authored-by: Koziol <qkoziol@88665a374c70.ant.amazon.com>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix for github issue #2599:
As indicated in the description, memory leak is detected when running "./h5dump pov".
The problem is: when calling H5O__add_cont_msg() from H5O__chunk_deserialize(),
memory is allocated for cont_msg_info->msgs. Eventually, when the library tries to load
the continuation message via H5AC_protect() in H5O_protect(), error is
encountered due to illegal info in the continuation message.
Due to the error, H5O_protect() exits but the memory allocated for cont_msg_info->msgs is not freed.
When we figure out how to handle fuzzed files that we didn't generate,
a test needs to be added to run h5dump with the provided "pov" file.
* Add message to release notes for the fix to github issue #2599.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Correct concurrency bugs when running tests, along with a bugfix & small
warning cleanup.
* Committing clang-format changes
* Allow spaces (and tabs) in VOL connector info string from environment variable.
* Parse connector name from HDF5_PLUGIN_PATH environment variable better
* Correct H5VLquery_optional to use H5VL routine instead of H5I. Also add an
error message to the failure return value from not finding a plugin.
* Play nice with existing plugin paths
* Use API routine to determine if native connector is terminal.
* Committing clang-format changes
* Make string size larger, to allow for connectors with longer names.
* Be more flexible about testing external pass through connectors, especially if
they have registered new optional operations.
* Bring style closer to library's agreed coding style
* Committing clang-format changes
---------
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: AWS ParallelCluster user <ec2-user@ip-10-0-0-65.us-east-2.compute.internal>
Co-authored-by: Koziol <qkoziol@88665a374c70.ant.amazon.com>
|
| |
|
|
| |
(#2602) (#2687)
|
| | |
|
| |
|
| |
Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
|
| | |
|
| |
|
| |
* Clean up content and redundant logging in comments.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Convert asserts to error handling in efl decode
The function that decodes external data files object header messages
would call assert() when parsing malformed files, causing applications
to crash when linked against the debug library.
This change converts these assert() calls to HDF5 error checks, so
the messages are sanity checked in both release and debug mode and
debug mode no longer crashes applications.
Also cleaned up some error handling usage and debug checks.
* Free memory on H5O efl decode errors
* Add buffer size checks to efl msg decode
* Add parentheses to math expressions
Fixes GitHub #2605
|
| |
|
|
|
| |
* Avoid suppressing error output for non-tentative file opens
* Update comment about tentative file opens
|
| | |
|
| |
|
|
| |
* Duplicated HDF_RESOURCES_DIR from cmake_ext_mod merge
* Typos in comments
|
| |
|
|
|
| |
Fix multiple bugs with the SELECT_IOC_EVERY_NTH_RANK and
SELECT_IOC_TOTAL I/O concentrator selection strategies and add a
regression test for them
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
* reviewed H5A
* Addressed various grammar issues.
* remove double words, spelling fixes
* replace the use of rawdata with raw data
|
| | |
|
| | |
|
| |
|
|
|
| |
(#2512)
Forward port of 9f252f1 from #2329
|
| |
|
|
|
| |
* Fix new codespell issues
* Have codespell ignore ./config/sanitizer/sanitizers.cmake
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Remove duplicate code
Signed-off-by: Egbert Eich <eich@suse.com>
* Add test case for CVE-2021-37501
Bogus sizes in this test case causes the on-disk data size
calculation in H5O__attr_decode() to overflow so that the
calculated size becomes 0. This causes the read to overflow
and h5dump to segfault.
This test case was crafted, the test file was not directly
generated by HDF5.
Test case from:
https://github.com/ST4RF4LL/Something_Found/blob/main/HDF5_v1.13.0_h5dump_heap_overflow.md
|
