| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
~BMRIBLER/hdf5_bmr_fixbug:develop to develop
HDFFV-10586 and HDFFV-10588
* commit '25cd1ab02b9ddaf58a4f5422f4ab4fde411e050a':
Added test for HDFFV-10588
Fixed HDFFV-10684
Fixed HDFFV-10586 and HDFFV-10588 Description: HDFFV-10586 CVE-2018-17434 Divide by zero inh5repack_filters Added a check for zero value HDFFV-10588 CVE-2018-17437 Memory leak in H5O_dtype_decode_helper This is actually an Invalid read issue. It was found that the attribute name length in an attribute message was corrupted, which caused the buffer pointer to be advanced too far and later caused an invalid read. Added a check to detect attribute name and its length mismatch. The fix is not perfect, but it'll reduce the chance of this issue when a name length is corrupted or the attribute name is corrupted. Platforms tested: Linux/64 (jelly) Linux/64 (platypus) Darwin (osx1010test)
|
| |\
| | |
| | |
| | | |
https://bitbucket.hdfgroup.org/scm/~bmribler/hdf5_bmr_fixbug into develop
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Description:
HDFFV-10586 CVE-2018-17434 Divide by zero inh5repack_filters
Added a check for zero value
HDFFV-10588 CVE-2018-17437 Memory leak in H5O_dtype_decode_helper
This is actually an Invalid read issue. It was found that the
attribute name length in an attribute message was corrupted,
which caused the buffer pointer to be advanced too far and later
caused an invalid read.
Added a check to detect attribute name and its length mismatch. The
fix is not perfect, but it'll reduce the chance of this issue when a
name length is corrupted or the attribute name is corrupted.
Platforms tested:
Linux/64 (jelly)
Linux/64 (platypus)
Darwin (osx1010test)
|
| | | |
|
| |/
|/| |
|
|\ \
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
~BMRIBLER/hdf5_bmr_fixbug:develop to develop
* commit '90d13bef33f9e2e80b23996a0c39f16f7c34ecf8':
Fixed typo Platforms tested: Darwin (osx1010test)
Refixed HDFFV-10578 Description: Applied Neil's fix for this issue after removing previous attempt. The resources are now released in init_objs() when failure occurs there. Neil will fix HDFFV-10676 separately. Platforms tested: Linux/64 (jelly) Linux/64 (platypus) Darwin (osx1010test)
Removed previous change in H5O__chunk_deserialize().
Removed the previous change in H5O__chunk_deserialize()
Removed previous change in table_list_add().
Removed the previous change in table_list_add()
Updated per review Description: HDFFV-10676 - CVE-2018-13873 Changed the new assert to if statement, per Dana's comment. Platforms tested: Linux/64 (jelly)
HDFFV-10578 and HDFFV-10676 Description: HDFFV-10578 - CVE-2018-17234 The file has some issue, however, there was a bug in h5dump that caused memory leaks after the problem in the file was encountered. The bug was that an if statement was missing in the function table_list_add() resulting in the memory not being freed at a later time. After the fix had been applied, there were no more leaks after h5dump detected the issue in the file and reported the error.
|
| |
| |
| |
| |
| | |
Platforms tested:
Darwin (osx1010test)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Description:
Applied Neil's fix for this issue after removing previous
attempt. The resources are now released in init_objs() when
failure occurs there.
Neil will fix HDFFV-10676 separately.
Platforms tested:
Linux/64 (jelly)
Linux/64 (platypus)
Darwin (osx1010test)
|
| | |
|
| | |
|
| |\
| | |
| | |
| | | |
https://bitbucket.hdfgroup.org/scm/~bmribler/hdf5_bmr_fixbug into develop
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Description:
HDFFV-10578 - CVE-2018-17234
The file has some issue, however, there was a bug in h5dump that caused
memory leaks after the problem in the file was encountered. The bug
was that an if statement was missing in the function table_list_add()
resulting in the memory not being freed at a later time.
After the fix had been applied, there were no more leaks after h5dump
detected the issue in the file and reported the error.
In H5O__chunk_deserialize, replaced an assert with an if statement
and reporting error, per Neil's recommendation
HDFFV-10676 - CVE-2018-13873
Also in H5O__chunk_deserialize, added an assertion to detect
out of bound ids
|
| |/
|/| |
|
|/ |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* commit '55e87e5b86aacbb37c57614cd2e869541291caad': (51 commits)
Correct Windows build.
Refactor allocating & releasing pass through wrapper objects.
Fix typo
Remove duplicated comment.
Add a couple of missing prototypes for static routines, along with updating a comment from VOL plugin -> connector.
Switch H5VL_class_value_t from unsigned to int, and add "invalid" ID value.
Correct "make check-vol" regression test target.
Switch H5VL_class_value_t from enum to unsigned integer
Add support for "make check-vol", along with a few minor cleanups, etc.
Refactor infrastructure for setting FAPL information from environment variables during testing, including connecting native, pass-through, and dynamically loaded VOL connectors. Also bring native and pass-through VOL connectors into alignment, removing the "H5VLnative_private.h" header.
Remove example VOL connector, since it's been superceded by the pass-through VOL connector in the src subdirectory.
Add pass-through VOL connector
Update API tracing info for VOL functions and regenerate trace macros for VOL API calls.
Added 'notify' callback for async requests; switched VOL class and info comparison to return comparison value as parameter, so they can return error values; "cancelled" -> "canceled"; switched order of 'wrap_object' and 'free_wrap_ctx' management callbacks.
Add using FAPL from h5_fileaccess() to more tests.
Remove unused test for unimplemented routine.
Switch loc_params to VOL callbacks to pass struct by pointer instead of by value.
Add info_to_str and str_to_info "management" callbacks for serializing and deserializing a connector's info object.
Revert some of the changes to support the original property list value of metadata read attempts.
Add VOL connector info to the flie access property list returned from H5Fget_access_plist(). Also, other misc. cleanups, etc.
...
|
| |\
| | |
| | |
| | | |
stackable_vol
|
| |\ \
| | | |
| | | |
| | | | |
stackable_vol
|
| | | | |
|
| |\ \ \
| | | | |
| | | | |
| | | | | |
stackable_vol
|
| |\ \ \ \
| | | | | |
| | | | | |
| | | | | | |
stackable_vol
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
modified: test/dsets.c
|
| | | | | | |
|
| | | | | | |
|
| |_|_|_|/
|/| | | | |
|
| | | | |
| | | | |
| | | | |
| | | | | |
use gettimeofday (HDgettimeofday in the HDF5 library).
|
|\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
~SONGYULU/hdf5_ray:bugfix/HDFFV-10601-issues-with-chunk-cache-hash to develop
* commit 'cd13d24e5140578a880aebe4e2d8b899179d0870':
HDFFV-10601: I added error checking to the HDF5 functions.
HDFFV10601: Adding performance test to verify the improvement.
HDFFV-10601: I changed to a better way to calculate the number of chunks in a dataset.
HDFFV-10601 Issues with chunk cache hash value calcuation:
|
| | | | | | |
|
| | |_|/ /
| |/| | | |
|
| |_|_|/
|/| | | |
|
|/ / / |
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* commit '1652a60fcbe9894d7c34a778fb24dce1979fb9a9':
HDFFV-10605 Only test plugins if SHARED enabled
Correct platforms
Correct extlib depends
Commit version changes for additional files for 1.11.3 snapshot release.
|
| |\ \ \
| | | | |
| | | | |
| | | | |
| | | | | |
* commit '81cb24ac1db0f4936b19067cdb7fa4e14e0d00db':
Commit version changes for additional files for 1.11.3 snapshot release.
|
| | | |/
| | |/| |
|
| |/ / |
|
|\ \ \
| |/ /
| | |
| | |
| | | |
* commit '7db3ea76da5d3b5c237a707b09d1618d3206ba83':
Makes the installed header files the same between the autotools and CMake.
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
and CMake.
* CMake will no longer install private generated headers and tools
library headers.
* Several empty public header files (which represent internal packages)
were removed. These were only installed by CMake.
* Autotools installs will install H5FDwindows.h.
Fixes HDFFV-10614.
|
| | |
|
| | |
|
| | |
|