Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.4:Update
hdf5.26545
H5O_dtype_decode_helper-Parent-of-enum-needs-to...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File H5O_dtype_decode_helper-Parent-of-enum-needs-to-have-same-size-as-enum-itself.patch of Package hdf5.26545
From: Egbert Eich <eich@suse.com> Date: Wed Sep 28 14:54:58 2022 +0200 Subject: H5O_dtype_decode_helper: Parent of enum needs to have same size as enum itself Patch-mainline: Not yet Git-repo: https://github.com/HDFGroup/hdf5 Git-commit: 9dddcb0c73cc9d42adcc9454e6d0eda782a31a55 References: The size of the enumeration values is determined by the size of the parent. Functions accessing the enumeration values use the size of the enumartion to determine the size of each element and how much data to copy. Thus the size of the enumeration and its parent need to match. Check here to avoid unpleasant surprises later. This fixes CVE-2018-14031. Signed-off-by: Egbert Eich <eich@suse.com> Signed-off-by: Egbert Eich <eich@suse.de> --- src/H5Odtype.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/H5Odtype.c b/src/H5Odtype.c index ac0341076e..1942585fac 100644 --- a/src/H5Odtype.c +++ b/src/H5Odtype.c @@ -459,6 +459,9 @@ H5O_dtype_decode_helper(H5F_t *f, unsigned *ioflags /*in,out*/, const uint8_t ** if (H5O_dtype_decode_helper(f, ioflags, pp, dt->shared->parent) < 0) HGOTO_ERROR(H5E_DATATYPE, H5E_CANTDECODE, FAIL, "unable to decode parent datatype") + if (dt->shared->parent->shared->size != dt->shared->size) + HGOTO_ERROR(H5E_DATATYPE, H5E_CANTDECODE, FAIL, "ENUM size does not match parent") + /* Check if the parent of this enum has a version greater than the * enum itself. */ H5O_DTYPE_CHECK_VERSION(dt, version, dt->shared->parent->shared->version, ioflags, "enum", FAIL)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor