From 31c26e72c524c98c3f2e84f1cf34af150aefa9bb Mon Sep 17 00:00:00 2001 From: jhendersonHDF Date: Thu, 23 Mar 2023 22:55:34 -0500 Subject: Fix a memory corruption issue in H5S__point_project_simple (#2626) --- release_docs/RELEASE.txt | 14 ++++++++++++++ src/H5Spoint.c | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/release_docs/RELEASE.txt b/release_docs/RELEASE.txt index b4d8cb2..8249a8c 100644 --- a/release_docs/RELEASE.txt +++ b/release_docs/RELEASE.txt @@ -141,6 +141,20 @@ Bug Fixes since HDF5-1.13.3 release =================================== Library ------- + - Fixed a memory corruption issue that can occur when reading + from a dataset using a hyperslab selection in the file + dataspace and a point selection in the memory dataspace + + When reading from a dataset using a hyperslab selection in + the dataset's file dataspace and a point selection in the + dataset's memory dataspace where the file dataspace's "rank" + is greater than the memory dataspace's "rank", memory corruption + could occur due to an incorrect number of selection points + being copied when projecting the point selection onto the + hyperslab selection's dataspace. + + (JTH - 2023/03/23) + - Fixed issues in the Subfiling VFD when using the SELECT_IOC_EVERY_NTH_RANK or SELECT_IOC_TOTAL I/O concentrator selection strategies diff --git a/src/H5Spoint.c b/src/H5Spoint.c index b10b7da..1c3697c 100644 --- a/src/H5Spoint.c +++ b/src/H5Spoint.c @@ -2319,7 +2319,7 @@ H5S__point_project_simple(const H5S_t *base_space, H5S_t *new_space, hsize_t *of /* Copy over the point's coordinates */ HDmemset(new_node->pnt, 0, sizeof(hsize_t) * rank_diff); H5MM_memcpy(&new_node->pnt[rank_diff], base_node->pnt, - (new_space->extent.rank * sizeof(hsize_t))); + (base_space->extent.rank * sizeof(hsize_t))); /* Keep the order the same when copying */ if (NULL == prev_node) -- cgit v0.12