Fixed HDFFV-10210 and HDFFV-10587

Description: - Added parameter validation (HDFFV-10210) - Added detection of division by zero (HDFFV-10587 - CVE-2018-17438) - Fixed typos in various tests Platforms tested: Linux/64 (jelly) Linux/64 (platypus) Darwin (osx1011test)
2025-03-19 16:50:46 +08:00 · 2019-03-20 14:03:48 -05:00 · 2019-03-20 14:03:48 -05:00 · 7add52ff4f
commit 7add52ff4f
parent 55d1931dc6
5 changed files with 23 additions and 3 deletions
--- a/c++/test/tobject.cpp
+++ b/c++/test/tobject.cpp
@ -609,10 +609,10 @@ static void test_getobjectinfo_same_file()
    catch (Exception& E)
    {
        cerr << " in Exception " << E.getCFuncName() << "detail: " << E.getCDetailMsg() << endl;
-        issue_fail_msg("test_file_name()", __LINE__, __FILE__, E.getCDetailMsg());
+        issue_fail_msg("test_getobjectinfo_same_file()", __LINE__, __FILE__, E.getCDetailMsg());
    }

-}   // test_h5o_getinfo_same_file
+}   // test_getobjectinfo_same_file

 /*-------------------------------------------------------------------------
 * Function:    test_object
--- a/src/H5Dselect.c
+++ b/src/H5Dselect.c
@ -227,6 +227,8 @@ H5D__select_io(const H5D_io_info_t *io_info, size_t elmt_size,

            /* Decrement number of elements left to process */
            HDassert(((size_t)tmp_file_len % elmt_size) == 0);
+            if(elmt_size == 0)
+                HGOTO_ERROR(H5E_DATASPACE, H5E_BADVALUE, FAIL, "Resulted in division by zero")
            nelmts -= ((size_t)tmp_file_len / elmt_size);
        } /* end while */
    } /* end else */
--- a/src/H5I.c
+++ b/src/H5I.c
@ -355,6 +355,9 @@ H5Itype_exists(H5I_type_t type)
    FUNC_ENTER_API(FAIL)
    H5TRACE1("t", "It", type);

+    if(H5I_IS_LIB_TYPE(type))
+        HGOTO_ERROR(H5E_ATOM, H5E_BADGROUP, FAIL, "cannot call public function on library type")
+
    if (type <= H5I_BADID || type >= H5I_next_type)
        HGOTO_ERROR(H5E_ARGS, H5E_BADRANGE, FAIL, "invalid type number")

--- a/test/tid.c
+++ b/test/tid.c
@ -224,6 +224,21 @@ static int basic_id_test(void)
            goto out;
    H5E_END_TRY

+    /* Test that H5Itype_exists cannot be called on library types because
+     * it is a public function
+     */
+    H5E_BEGIN_TRY
+        err = H5Itype_exists(H5I_GROUP);
+        if(err >= 0)
+            goto out;
+    H5E_END_TRY
+
+    H5E_BEGIN_TRY
+        err = H5Itype_exists(H5I_ATTR);
+        if(err >= 0)
+            goto out;
+    H5E_END_TRY
+
    return 0;

 out:
--- a/test/titerate.c
+++ b/test/titerate.c
@ -946,7 +946,7 @@ find_err_msg_cb(unsigned n, const H5E_error2_t *err_desc, void *_client_data)

    if (searched_err == NULL)
        return -1;
-    
+
    /* If the searched error message is found, stop the iteration */
    if (err_desc->desc != NULL && strcmp(err_desc->desc, searched_err->message) == 0)
    {