Description:
HDFFV-10586 CVE-2018-17434 Divide by zero inh5repack_filters
Added a check for zero value
HDFFV-10588 CVE-2018-17437 Memory leak in H5O_dtype_decode_helper
This is actually an Invalid read issue. It was found that the
attribute name length in an attribute message was corrupted,
which caused the buffer pointer to be advanced too far and later
caused an invalid read.
Added a check to detect attribute name and its length mismatch. The
fix is not perfect, but it'll reduce the chance of this issue when a
name length is corrupted or the attribute name is corrupted.
Platforms tested:
Linux/64 (jelly)
Linux/64 (platypus)
Darwin (osx1010test)
* commit '90d13bef33f9e2e80b23996a0c39f16f7c34ecf8':
Fixed typo Platforms tested: Darwin (osx1010test)
Refixed HDFFV-10578 Description: Applied Neil's fix for this issue after removing previous attempt. The resources are now released in init_objs() when failure occurs there. Neil will fix HDFFV-10676 separately. Platforms tested: Linux/64 (jelly) Linux/64 (platypus) Darwin (osx1010test)
Removed previous change in H5O__chunk_deserialize().
Removed the previous change in H5O__chunk_deserialize()
Removed previous change in table_list_add().
Removed the previous change in table_list_add()
Updated per review Description: HDFFV-10676 - CVE-2018-13873 Changed the new assert to if statement, per Dana's comment. Platforms tested: Linux/64 (jelly)
HDFFV-10578 and HDFFV-10676 Description: HDFFV-10578 - CVE-2018-17234 The file has some issue, however, there was a bug in h5dump that caused memory leaks after the problem in the file was encountered. The bug was that an if statement was missing in the function table_list_add() resulting in the memory not being freed at a later time. After the fix had been applied, there were no more leaks after h5dump detected the issue in the file and reported the error.
* commit 'b02de315b93ac29d2483a91d526b110a25073505':
NNSA Tri-LabsTRILAB-98: Another two test cases out.
NNSA Tri-Labs TRILAB-98: Taking out a few more test cases.
NNSA Tri-Labs TRILAB-98 dt_arith and cpp_testhdf5 tests fail on sierra.llnl.gov: According to the group decision, simply provide a macro to disable some failing test cases on sierra (IBM power9 cpu). All failing cases involve long double data type.
* commit 'b4d4d371a03158c39f120b1bde6c4bd51f1b2eb6':
HDFFV-10443: Add "field" parameter to H5Oinfo* and H5Ovisit* APIs.
Added chunked dataset, H5S_ALL test
typo
typo
updated defined constants
Documented HDFFV-10652
HDFFV-10652 Implemented a process-0 read and then broadcast for collective read of full datasets (H5S_ALL) by all the processes in the file communicator.
Removed reason for breaking read-proc0-and-bcast
switched to using CX instead of a global var.
HDFFV-10652 Implemented a process-0 read and then broadcast for collective read of full datasets (H5S_ALL) by all the processes in the file communicator.
