71 lines
2.1 KiB
Diff
71 lines
2.1 KiB
Diff
From 7add52ff4f2443357648d53d52add274d1b18b5f Mon Sep 17 00:00:00 2001
|
|
From: Binh-Minh Ribler <bmribler@hdfgroup.org>
|
|
Date: Wed, 20 Mar 2019 14:03:48 -0500
|
|
Subject: [PATCH] Fixed HDFFV-10210 and HDFFV-10587 Description: - Added
|
|
parameter validation (HDFFV-10210) - Added detection of division by zero
|
|
(HDFFV-10587 - CVE-2018-17438) - Fixed typos in various tests Platforms
|
|
tested: Linux/64 (jelly) Linux/64 (platypus) Darwin (osx1011test)
|
|
|
|
---
|
|
src/H5Dselect.c | 2 ++
|
|
src/H5I.c | 3 +++
|
|
test/tid.c | 15 +++++++++++++++
|
|
3 files changed, 20 insertions(+)
|
|
|
|
diff --git a/src/H5Dselect.c b/src/H5Dselect.c
|
|
index 7e86b9d..84cd849 100644
|
|
--- a/src/H5Dselect.c
|
|
+++ b/src/H5Dselect.c
|
|
@@ -220,6 +220,8 @@ H5D__select_io(const H5D_io_info_t *io_info, size_t elmt_size,
|
|
|
|
/* Decrement number of elements left to process */
|
|
HDassert(((size_t)tmp_file_len % elmt_size) == 0);
|
|
+ if(elmt_size == 0)
|
|
+ HGOTO_ERROR(H5E_DATASPACE, H5E_BADVALUE, FAIL, "Resulted in division by zero")
|
|
nelmts -= ((size_t)tmp_file_len / elmt_size);
|
|
} /* end while */
|
|
} /* end else */
|
|
diff --git a/src/H5I.c b/src/H5I.c
|
|
index 2a4a38c..5cc8e69 100644
|
|
--- a/src/H5I.c
|
|
+++ b/src/H5I.c
|
|
@@ -406,6 +406,9 @@ H5Itype_exists(H5I_type_t type)
|
|
FUNC_ENTER_API(FAIL)
|
|
H5TRACE1("t", "It", type);
|
|
|
|
+ if(H5I_IS_LIB_TYPE(type))
|
|
+ HGOTO_ERROR(H5E_ATOM, H5E_BADGROUP, FAIL, "cannot call public function on library type")
|
|
+
|
|
if(type <= H5I_BADID || type >= H5I_next_type)
|
|
HGOTO_ERROR(H5E_ARGS, H5E_BADRANGE, FAIL, "invalid type number")
|
|
|
|
diff --git a/test/tid.c b/test/tid.c
|
|
index c98514b..aca32fd 100644
|
|
--- a/test/tid.c
|
|
+++ b/test/tid.c
|
|
@@ -224,6 +224,21 @@ static int basic_id_test(void)
|
|
goto out;
|
|
H5E_END_TRY
|
|
|
|
+ /* Test that H5Itype_exists cannot be called on library types because
|
|
+ * it is a public function
|
|
+ */
|
|
+ H5E_BEGIN_TRY
|
|
+ err = H5Itype_exists(H5I_GROUP);
|
|
+ if(err >= 0)
|
|
+ goto out;
|
|
+ H5E_END_TRY
|
|
+
|
|
+ H5E_BEGIN_TRY
|
|
+ err = H5Itype_exists(H5I_ATTR);
|
|
+ if(err >= 0)
|
|
+ goto out;
|
|
+ H5E_END_TRY
|
|
+
|
|
return 0;
|
|
|
|
out:
|
|
--
|
|
2.23.0
|
|
|