File Make-sure-unused-attribute-entries-are-NULLed.patch of Package hdf5.28369
From: Egbert Eich <eich@suse.com>
Date: Thu Jun 6 13:12:42 2024 +0200
Subject: Make sure unused attribute entries are NULLed
Patch-mainline: Upstream
Git-repo: https://github.com/HDFGroup/hdf5
Git-commit: 82b775a44e3f9939d6e9d394de81b274e3d091c1
References: bsc#124158
The number of attribute entries are doubled on every size increase in
H5A__compact_build_table_cb(). However, every call adds just one attribute.
Before calling H5A__close() on each attribute, H5A__attr_release_table()
will check each attribute entry for non-NULL. This will only work if
unused entries have been NULLed properly.
Fix CVE-2024-32608
Signed-off-by: Egbert Eich <eich@suse.com>
Signed-off-by: Egbert Eich <eich@suse.de>
---
src/H5Aint.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/H5Aint.c b/src/H5Aint.c
index 2e0ebbb38a..306805d624 100644
--- a/src/H5Aint.c
+++ b/src/H5Aint.c
@@ -1391,6 +1391,7 @@ H5A__compact_build_table_cb(H5O_t H5_ATTR_UNUSED *oh, H5O_mesg_t *mesg /*in,out*
if (udata->curr_attr == udata->atable->nattrs) {
H5A_t **new_table; /* New table for attributes */
size_t new_table_size; /* Number of attributes in new table */
+ size_t u;
/* Allocate larger table */
new_table_size = MAX(1, 2 * udata->atable->nattrs);
@@ -1400,6 +1401,8 @@ H5A__compact_build_table_cb(H5O_t H5_ATTR_UNUSED *oh, H5O_mesg_t *mesg /*in,out*
/* Update table information in user data */
udata->atable->attrs = new_table;
udata->atable->nattrs = new_table_size;
+ for (u = udata->curr_attr + 1; u < new_table_size; u++)
+ udata->atable->attrs[u] = NULL;
} /* end if */
/* Copy attribute into table */