Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add bounds checking to avoid heap-based buffer overflow vulnerability #4785

Closed
wants to merge 2 commits into from
Closed

Add bounds checking to avoid heap-based buffer overflow vulnerability #4785

wants to merge 2 commits into from

Conversation

wswsmao
Copy link
Contributor

@wswsmao wswsmao commented Aug 29, 2024

@derobins derobins added Merge - To 1.14 Priority - 1. High 🔼 These are important issues that should be resolved in the next release Component - Tools Command-line tools like h5dump, includes high-level tools Type - Bug / Bugfix Please report security issues to [email protected] instead of creating an issue on GitHub labels Aug 29, 2024
@derobins
Copy link
Member

Do you have a test file? There's no test to ensure this is really fixed.

@wswsmao
Copy link
Contributor Author

wswsmao commented Aug 30, 2024

Do you have a test file? There's no test to ensure this is really fixed.

Ok,I will add test files as appendix

mattjala
mattjala requested changes Oct 1, 2024
View reviewed changes
Copy link
Contributor

@mattjala mattjala left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Needs a test file for regression testing

@derobins
Copy link
Member

We've removed the gif tools from the HDF5 library, so I'm going to close this.

@derobins derobins closed this Oct 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mattjala mattjala mattjala requested changes

@hyoklee hyoklee hyoklee approved these changes

@lrknox lrknox Awaiting requested review from lrknox lrknox is a code owner

@derobins derobins Awaiting requested review from derobins derobins is a code owner

@byrnHDF byrnHDF Awaiting requested review from byrnHDF byrnHDF is a code owner

@fortnern fortnern Awaiting requested review from fortnern fortnern is a code owner

@jhendersonHDF jhendersonHDF Awaiting requested review from jhendersonHDF jhendersonHDF is a code owner

@qkoziol qkoziol Awaiting requested review from qkoziol qkoziol is a code owner

@vchoi-hdfgroup vchoi-hdfgroup Awaiting requested review from vchoi-hdfgroup vchoi-hdfgroup is a code owner

@bmribler bmribler Awaiting requested review from bmribler bmribler is a code owner

@glennsong09 glennsong09 Awaiting requested review from glennsong09 glennsong09 is a code owner

@brtnfld brtnfld Awaiting requested review from brtnfld brtnfld is a code owner

Assignees

@derobins derobins

Labels
Component - Tools Command-line tools like h5dump, includes high-level tools Priority - 1. High 🔼 These are important issues that should be resolved in the next release Type - Bug / Bugfix Please report security issues to [email protected] instead of creating an issue on GitHub
Projects
Downstream HDF5 Merges
Status: Merges Complete
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@wswsmao @derobins @hyoklee @mattjala @byrnHDF