Gentoo's Bugzilla – Attachment 454950 Details for
Bug 601420
<sci-libs/hdf5-1.8.18: H5T_COMPOUND heap buffer overflow (CVE-2016-4333)
[patch]
hdf5-1.8.17-CVE-2016-4333.patch
hdf5-1.8.17-CVE-2016-4333.patch (text/plain), 1.14 KB, created by
Chris White
on 2016-12-03 08:29:38 UTC
>--- hdf5-1.8.17/src/H5Odtype.c 2016-04-26 05:43:33.000000000 -0700 >+++ hdf5-1.8.18/src/H5Odtype.c 2016-11-04 11:41:07.000000000 -0700 >@@ -310,7 +310,11 @@ > if(version == H5O_DTYPE_VERSION_1) { > /* Decode the number of dimensions */ > ndims = *(*pp)++; >- HDassert(ndims <= 4); >+ >+ /* Check that ndims is valid */ >+ if(ndims > 4) >+ HGOTO_ERROR(H5E_DATATYPE, H5E_BADTYPE, FAIL, "invalid number of dimensions for array") >+ > *pp += 3; /*reserved bytes */ > > /* Skip dimension permutation */ >@@ -518,7 +522,8 @@ > dt->shared->u.array.ndims = *(*pp)++; > > /* Double-check the number of dimensions */ >- HDassert(dt->shared->u.array.ndims <= H5S_MAX_RANK); >+ if(dt->shared->u.array.ndims > H5S_MAX_RANK) >+ HGOTO_ERROR(H5E_DATATYPE, H5E_CANTLOAD, FAIL, "too many dimensions for array datatype") > > /* Skip reserved bytes, if version has them */ > if(version < H5O_DTYPE_VERSION_3)
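Review bot: In the first hunk (@@ -310,7 +310,11 @@) the new bound is a bare literal, `if(ndims > 4)`, while the second hunk compares against H5S_MAX_RANK. Use a named constant for the version-1 limit, or add a comment saying why it is 4, so the two limits are not mistaken for the same one or changed independently by accident. The two checks also report the same kind of failure with different minor codes (H5E_BADTYPE here, H5E_CANTLOAD in the second hunk); pick one unless the difference is intended. Separately, the context line `*pp += 3; /*reserved bytes */` advances the decode pointer and nothing visible in this hunk checks how much of the input buffer remains, so the patch bounds the value of ndims but not the reads that follow it.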
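Review bot: In the second hunk (@@ -518,7 +522,8 @@) the check runs after the byte from the file has already been stored by `dt->shared->u.array.ndims = *(*pp)++;`, so on the error path the datatype still carries the out-of-range value. Read the byte into a local, validate it against H5S_MAX_RANK, and assign to dt->shared only once it passes, or confirm that every caller discards dt when this function returns FAIL. The retained comment "Double-check the number of dimensions" also undersells the change: with the HDassert gone this is the only validation of a file-supplied count in both debug and release builds, and the comment should say so.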