- added comment to explain a kluge

- added the associated entry to release notes
2025-02-23 16:20:57 +08:00 · 2020-06-29 14:16:35 -05:00 · 2020-06-29 14:16:35 -05:00 · 7c006fd761
commit 7c006fd761
parent 785a1cef0c
2 changed files with 11 additions and 1 deletions
--- a/release_docs/RELEASE.txt
+++ b/release_docs/RELEASE.txt
@ -631,7 +631,15 @@ Bug Fixes since HDF5-1.10.3 release

    Library
    -------
-    - Fixed the decoding of an attribute message to prevent a segfault by h52gif
+    - Fixed CVE-2020-10810
+
+      The tool h5clear produced a segfault during an error recovery in
+      the superblock decoding.  An internal pointer was reset to prevent
+      further accessing when it is not assigned with a value.
+
+      (BMR - 2020/6/29, HDFFV-11053)
+
+    - Fixed CVE-2018-17435

      The tool h52gif produced a segfault when the size of an attribute
      message was corrupted and caused a buffer overflow.
--- a/src/H5Fsuper.c
+++ b/src/H5Fsuper.c
@ -898,7 +898,9 @@ H5F__super_read(H5F_t *f, H5P_genplist_t *fa_plist, hbool_t initial_read)
                    else {
                        if(H5F__super_ext_remove_msg(f, H5O_FSINFO_ID) < 0)
                        {
+#if 1 /* when removing "KLUGE ALERT" above, tidy this up as well */ /* BMR */
                            f->shared->sblock = NULL;
+#endif /* BMR */

                            HGOTO_ERROR(H5E_FILE, H5E_CANTDELETE, FAIL,  "error in removing message from superblock extension")
                        }