From 7c006fd7617d54ab1b97e9aa1d7d8600385f3f3f Mon Sep 17 00:00:00 2001 From: Binh-Minh Ribler Date: Mon, 29 Jun 2020 14:16:35 -0500 Subject: - added comment to explain a kluge - added the associated entry to release notes --- release_docs/RELEASE.txt | 10 +++++++++- src/H5Fsuper.c | 2 ++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/release_docs/RELEASE.txt b/release_docs/RELEASE.txt index 72cab28..d9267e8 100644 --- a/release_docs/RELEASE.txt +++ b/release_docs/RELEASE.txt @@ -631,7 +631,15 @@ Bug Fixes since HDF5-1.10.3 release Library ------- - - Fixed the decoding of an attribute message to prevent a segfault by h52gif + - Fixed CVE-2020-10810 + + The tool h5clear produced a segfault during an error recovery in + the superblock decoding. An internal pointer was reset to prevent + further accessing when it is not assigned with a value. + + (BMR - 2020/6/29, HDFFV-11053) + + - Fixed CVE-2018-17435 The tool h52gif produced a segfault when the size of an attribute message was corrupted and caused a buffer overflow. diff --git a/src/H5Fsuper.c b/src/H5Fsuper.c index 40e93ec..459a046 100644 --- a/src/H5Fsuper.c +++ b/src/H5Fsuper.c @@ -898,7 +898,9 @@ H5F__super_read(H5F_t *f, H5P_genplist_t *fa_plist, hbool_t initial_read) else { if(H5F__super_ext_remove_msg(f, H5O_FSINFO_ID) < 0) { +#if 1 /* when removing "KLUGE ALERT" above, tidy this up as well */ /* BMR */ f->shared->sblock = NULL; +#endif /* BMR */ HGOTO_ERROR(H5E_FILE, H5E_CANTDELETE, FAIL, "error in removing message from superblock extension") } -- cgit v0.12
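Review bot: In the `H5F__super_read` hunk of src/H5Fsuper.c, the added `#if 1` / `#endif` pair is always true and exists only to carry a comment, and that comment points at a "KLUGE ALERT" outside the hunk without saying why `f->shared->sblock` is set to NULL on this error path. Judging by the release-note entry in the same commit, this assignment appears to be the guard against the CVE-2020-10810 segfault, so a later tidy-up that follows the comment literally could remove the guard along with the kluge. I would drop the preprocessor pair and put a plain comment on the assignment, for example `/* Reset sblock so error recovery does not access it (CVE-2020-10810, HDFFV-11053); revisit when the "KLUGE ALERT" block above is removed */`. The function body starts and ends outside the hunk, so it cannot be checked from here whether the superblock is released elsewhere before the pointer is cleared; that is worth confirming.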