pool/hdf5
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3a3edf29d5
hdf5/Make-sure-info-block-for-external-links-has-at-least-3-bytes.patch
Atri Bhattacharya a0635c9ad7 Accepting request 1030627 from home:eeich:branches:science 
- Fix CVEs:
  * CVE-2021-46244 (bsc#1195215)
    Compound-datatypes-may-not-have-members-of-size-0.patch
  * CVE-2018-13867 (bsc#1101906)
    Validate-location-offset-of-the-accumulated-metadata-when-comparing.patch
  * CVE-2018-16438 (bsc#1107069)
    Make-sure-info-block-for-external-links-has-at-least-3-bytes.patch
  * CVE-2020-10812 (bsc#1167400)
    Hot-fix-for-CVE-2020-10812.patch
  * CVE-2021-45830 (bsc#1194375)
    H5O_fsinfo_decode-Make-more-resilient-to-out-of-bounds-read.patch
  * CVE-2019-8396 (bsc#1125882)
    H5O__pline_decode-Make-more-resilient-to-out-of-bounds-read.patch
  * CVE-2018-11205 (bsc#1093663)
    Pass-compact-chunk-size-info-to-ensure-requested-elements-are-within-bounds.patch
  * CVE-2021-46242 (bsc#1195212)
    When-evicting-driver-info-block-NULL-the-corresponding-entry.patch
  * CVE-2021-45833 (bsc#1194366)
    Report-error-if-dimensions-of-chunked-storage-in-data-layout-2.patch
  * CVE-2018-14031 (bsc#1101475)
    H5O_dtype_decode_helper-Parent-of-enum-needs-to-have-same-size-as-enum-itself.patch
  * CVE-2018-17439 (bsc#1111598)
    H5IMget_image_info-H5Sget_simple_extent_dims-does-not-exceed-array-size.patch
- Fix an error message:
    Fix-error-message-not-the-name-but-the-link-information-is-parsed.patch

OBS-URL: https://build.opensuse.org/request/show/1030627
OBS-URL: https://build.opensuse.org/package/show/science/hdf5?expand=0&rev=159
2022-10-24 06:53:22 +00:00

35 lines
1.4 KiB
Diff
Raw Blame History

From: Egbert Eich <eich@suse.com>
Date: Sun Oct 9 08:07:23 2022 +0200
Subject: Make sure info block for external links has at least 3 bytes
Patch-mainline: Not yet
Git-repo: ssh://eich@192.168.122.1:/home/eich/sources/HPC/hdf5
Git-commit: 082bfe392b04b1137da9eabd1ecac76c212ab385
References:
According to the specification, the information block for external links
contains 1 byte of version/flag information and two 0 terminated strings
for the object linked to and the full path.
Although not very useful, the minimum string length for each would be one
byte.
This fixes CVE-2018-16438.
Signed-off-by: Egbert Eich <eich@suse.com>
Signed-off-by: Egbert Eich <eich@suse.de>
---
src/H5Olink.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/H5Olink.c b/src/H5Olink.c
index 51c44a36b0..074744b022 100644
--- a/src/H5Olink.c
+++ b/src/H5Olink.c
@@ -241,6 +241,8 @@ H5O__link_decode(H5F_t *f, H5O_t H5_ATTR_UNUSED *open_oh, unsigned H5_ATTR_UNUSE
/* A UD link. Get the user-supplied data */
UINT16DECODE(p, len)
lnk->u.ud.size = len;
+ if (lnk->type == H5L_TYPE_EXTERNAL && len < 3)
+ HGOTO_ERROR(H5E_OHDR, H5E_OVERFLOW, NULL, "external link information lenght < 3")
if (len > 0) {
/* Make sure that length doesn't exceed buffer size, which could
occur when the file is corrupted */
Reference in New Issue View Git Blame Copy Permalink