* Fix for Autotools --disable-deprecated-symbols
When we added v116 as a valid option, we left the default as v114 so
using --disable-deprecated-symbols leads configure to complain that you
can't set a default API that was deprecated.
The GitHub action didn't catch this because it explicitly specifies v116
This only affects develop w/ the Autotools when
--disable-deprecated-symbols is requested.
* Added v116 & default to the --with-default-api-version help string
The Autotools --with-default-api-version help string was missing v116.
This has been added, as well as a "default" target so the CI can catch
version problems when we forget to update the defaults upon creating
a new major version.
The GitHub CI also now uses "default" as the target for the deprecated
symbols build.
* Fixes the 1.14 API GitHub CI threadsafe/build_mode
This action still had the bug we fixed where we set the build mode
and threadsafety using an array of size one instead of an object.
* Partial work towards cleaning up the onion VFD code
* Committing clang-format changes
* A few minor tweaks to the onion VFD public header
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* H5F_LIBVER_LATEST changes for move to 1.15
* Add new default api check
* Format fixes
* Fix default configure
* fix lib version tests
* Fix another version variable
* Add 1.14 doc link
* Fix up the H5Pencode2 test for virtual layout.
* Committing clang-format changes
* Remove VERIFY and use TEST_ERROR.
Co-authored-by: vchoi <vchoi@jelly.ad.hdfgroup.org>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* Fix for HDFFV-11052: h5debug fails on a corrupted file (h5_nrefs_POC) producing a core dump.
When h5debug closes the corrupted file, the library calls H5F__dest() which performs all the
closing operations for the file "f" (H5F_t *) but just keeping note of errors in "ret_value"
all the way till the end of the routine. The user-provided corrupted file has an illegal
file size causing failure when reading the image during the closing process.
At the end of this routine it sets f->shared to NULL and then frees "f".
This is done whether there is error or not in "ret_value".
Due to the failure in reading the file earlier, the routine then returns error.
The error return from H5F__dest() causes the file object "f" not being removed from the
ID node table. When the library finally exits, it will try to close the
file objects in the table. This causes assert failure when H5F_ID_EXISTS(f) or H5F_NREFS(f).
Fix:
a) H5F_dest(): free the f only when there is no error in "ret_value" at the end of the routine.
b) H5VL__native_file_close(): if f->shared is NULL, free "f"; otherwise, perform closing on "f" as before.
c) h5debug.c main(): track error return from H5Fclose().
* Committing clang-format changes
* Add test and release note info for fix to HDFFV-11052 which is merged via PR#2291.
* Committing clang-format changes
* Add the test file to Cmake.
* Skip test_misc37() for drivers that is not default compatible as it is using a pre-generated file.
* Committing clang-format changes
Co-authored-by: vchoi <vchoi@jelly.ad.hdfgroup.org>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* Converts the YAML build mode arrays to objects in special runs
* Adds a dump of the matrix context for each test
This would have made it a LOT easier to debug the build_mode issues...
* Disable the mirror VFD in the -Werror checks
We can re-enable this after we fix the warnings, but I don't want to
conflate code and GitHub changes, so this is a better way to get the
CI to pass for now.
* Fix for HDFFV-11052: h5debug fails on a corrupted file (h5_nrefs_POC) producing a core dump.
When h5debug closes the corrupted file, the library calls H5F__dest() which performs all the
closing operations for the file "f" (H5F_t *) but just keeping note of errors in "ret_value"
all the way till the end of the routine. The user-provided corrupted file has an illegal
file size causing failure when reading the image during the closing process.
At the end of this routine it sets f->shared to NULL and then frees "f".
This is done whether there is error or not in "ret_value".
Due to the failure in reading the file earlier, the routine then returns error.
The error return from H5F__dest() causes the file object "f" not being removed from the
ID node table. When the library finally exits, it will try to close the
file objects in the table. This causes assert failure when H5F_ID_EXISTS(f) or H5F_NREFS(f).
Fix:
a) H5F_dest(): free the f only when there is no error in "ret_value" at the end of the routine.
b) H5VL__native_file_close(): if f->shared is NULL, free "f"; otherwise, perform closing on "f" as before.
c) h5debug.c main(): track error return from H5Fclose().
* Committing clang-format changes
* Add test and release note info for fix to HDFFV-11052 which is merged via PR#2291.
* Committing clang-format changes
* Add the test file to Cmake.
Co-authored-by: vchoi <vchoi@jelly.ad.hdfgroup.org>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* Fix for HDFFV-11052: h5debug fails on a corrupted file (h5_nrefs_POC) producing a core dump.
When h5debug closes the corrupted file, the library calls H5F__dest() which performs all the
closing operations for the file "f" (H5F_t *) but just keeping note of errors in "ret_value"
all the way till the end of the routine. The user-provided corrupted file has an illegal
file size causing failure when reading the image during the closing process.
At the end of this routine it sets f->shared to NULL and then frees "f".
This is done whether there is error or not in "ret_value".
Due to the failure in reading the file earlier, the routine then returns error.
The error return from H5F__dest() causes the file object "f" not being removed from the
ID node table. When the library finally exits, it will try to close the
file objects in the table. This causes assert failure when H5F_ID_EXISTS(f) or H5F_NREFS(f).
Fix:
a) H5F_dest(): free the f only when there is no error in "ret_value" at the end of the routine.
b) H5VL__native_file_close(): if f->shared is NULL, free "f"; otherwise, perform closing on "f" as before.
c) h5debug.c main(): track error return from H5Fclose().
* Committing clang-format changes
Co-authored-by: vchoi <vchoi@jelly.ad.hdfgroup.org>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
* Compound datatypes may not have members of size 0
A member size of 0 may lead to an FPE later on as reported in
CVE-2021-46244. To avoid this, check for this as soon as the
member is decoded.
This should probably be done in H5O_dtype_decode_helper() already,
however it is not clear whether all sizes are expected to be != 0.
This fixes CVE-2021-46244 / Bug #2242.
Signed-off-by: Egbert Eich <eich@suse.com>
* Rework error recovery code in H5O__dtype_decode_helper() and
H5O__dtype_decode().
* Format changes for src/H5Odtype.c.
Signed-off-by: Egbert Eich <eich@suse.com>
Co-authored-by: Neil Fortner <nfortne2@hdfgroup.org>
Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
* Add compound and refactor out atomic types
* Add Array String tests back
* Convert Attribute version of compound example
* Update transfer atom8ic read to return object
* When evicting driver info block, NULL the corresponding entry
Since H5C_expunge_entry() called (from H5AC_expunge_entry()) sets the flag
H5C__FLUSH_INVALIDATE_FLAG, the driver info block will be freed. NULLing the
pointer in f->shared->drvinfo will prevent use-after-free when it is used in other
functions (like H5F__dest()) - as other places will check whether the pointer is
initialized before using its value.
This fixes CVE-2021-46242 / Bug #2254
Signed-off-by: Egbert Eich <eich@suse.com>
* When evicting the superblock, NULL the corresponding entry
The call to H5AC_expunge_entry() will free the corresonding structure,
to avoid a use-after-free, the corrsponding pointer entry will be NULLed.
Signed-off-by: Egbert Eich <eich@suse.com>
Signed-off-by: Egbert Eich <eich@suse.com>
For Data Layout Messages version 1 & 2 the specification state
that the value stored in the data field is 1 greater than the
number of dimensions in the dataspace. For version 3 this is
not explicitly stated but the implementation suggests it to be
the case.
Thus the set value needs to be at least 2. For dimensionality
< 2 an out-of-bounds access occurs as in CVE-2021-45833.
This fixes CVE-2021-45833 / Bug #2240.
Signed-off-by: Egbert Eich <eich@suse.com>
Signed-off-by: Egbert Eich <eich@suse.com>
Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
Commit afc54d75a1 to the test suite to eliminate a separate
shell script did not take into account that there may be
multiple dependent test scripts which resulted in the
message:
`/bin/sh: line 7: [: too many arguments`.
when running the test suite.
Beware that this new version still makes use of non-posix GNU
extensions to `test`.
Signed-off-by: Egbert Eich <eich@suse.com>
Signed-off-by: Egbert Eich <eich@suse.com>
* Use ubuntu-20.04 for github autotools parallel tests until parallel
configure is fixed on ubuntu 22.04.
* Remove inactive developers from CODEOWNERS.
* Temporarily cat config.log for autotools build in github actions.
* Try ubuntu-latest.
* Attempt to cat config.log even when configure fails.
* Fix syntax.
* Try again
* Try again
* Try again.
* Back to original temporary fix.
* Install libopenmpi-dev with openmpi-bin, which was installed as a
dependency prior to ubuntu-22.04.
* Jira HDFFV-10881: Segfault in H5CX_get_vol_wrap_ctx when H5VLwrap_register is called from an application. A quick and simple fix to make it fail with a relevant error message.
* Format changes.
* Committing clang-format changes
* Minor change: split one condition check into two for clarity.
* Adding doxygen comment for H5VLwrap_register.
* Minor change: adding a little more detail to the Doxygen comment for H5VLwrap_register.
Return the result rather than setting the exit code. "return" is a
language keyword whereas "exit" is a function for which the <stdlib.h>
header has to be included which it wasn't in this test, therefore the
test would previously fail to identify that the encoder was enabled if
"-Werror=implicit-function-declaration" was used, which it is by default
with clang from Xcode 12 and later.
Fixes#2262