-
-
Notifications
You must be signed in to change notification settings - Fork 265
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixed HDFFV-10480 (CVE-2018-11206) and HDFFV-11159 (CVE-2018-14033) #405
Changes from 16 commits
28da8dc
c1bdb0c
c24a0c2
1dec6d8
a147ae6
1671982
b45de82
5832a70
c21324d
8e71d59
d0a00d1
0c7c02e
a030e91
9ae8bd2
b8a0f9a
b343d66
5060450
fcfbacb
5213c5a
e5e2404
0c04d8b
64490c6
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -180,6 +180,8 @@ $SRC_H5DUMP_TESTFILES/tvlenstr_array.h5 | |
$SRC_H5DUMP_TESTFILES/tvlstr.h5 | ||
$SRC_H5DUMP_TESTFILES/tvms.h5 | ||
$SRC_H5DUMP_TESTFILES/err_attr_dspace.h5 | ||
$SRC_H5DUMP_TESTFILES/tCVE_2018_11206_fill_old.h5 | ||
$SRC_H5DUMP_TESTFILES/tCVE_2018_11206_fill_new.h5 | ||
" | ||
|
||
LIST_OTHER_TEST_FILES=" | ||
|
@@ -868,6 +870,35 @@ TOOLTEST5() { | |
fi | ||
} | ||
|
||
# same as TOOLTEST1 but expects h5dump to fail | ||
# | ||
TOOLTEST_FAIL() { | ||
|
||
infile=$1 | ||
expect="$TESTDIR/`basename $1 exp`.ddl" | ||
actual="$TESTDIR/`basename $1 .exp`.out" | ||
|
||
# Run test. | ||
TESTING $DUMPER $@ | ||
( | ||
cd $TESTDIR | ||
$RUNSERIAL $DUMPER_BIN "$@" $infile | ||
) >&$actual | ||
RET=$? | ||
# Segfault occurred | ||
if [ $RET == 139 ] ; then | ||
nerrors="`expr $nerrors + 1`" | ||
echo " FAILED" | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I think it might be worthwhile to differentiate the two "FAILED" messages to make the log more meaningful and also to make clear in the second case that an expected h5dump failure didn't happen. Also note that all other FAILED messages in the script are surrounded by *s: FAILED. If you follow that convention it makes it easier to distinguish failed tests in the logs from incidental occurrences of "FAILED" that don't indicate test failures. I suggest: [ ] - optional - could also be test name if available. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Ah, thank you! I knew about '' but must have used the existing PASSED line and changed to FAIL and forgot about the ''. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I've made the changes and resolved the conflict. |
||
# Should fail but didn't | ||
elif [ $RET == 0 ] ; then | ||
nerrors="`expr $nerrors + 1`" | ||
echo " FAILED" | ||
else | ||
echo " PASSED" | ||
fi | ||
|
||
} | ||
|
||
# ADD_HELP_TEST | ||
TOOLTEST_HELP() { | ||
|
||
|
@@ -1445,6 +1476,10 @@ TOOLTEST err_attr_dspace.ddl err_attr_dspace.h5 | |
# test to verify HDFFV-9407: long double full precision | ||
GREPTEST OUTTXT "1.123456789012345" t128bit_float.ddl -m %.35Lf t128bit_float.h5 | ||
|
||
# test to verify HDFFV-10480: out of bounds read in H5O_fill_new[old]_decode | ||
TOOLTEST_FAIL tCVE_2018_11206_fill_old.h5 | ||
TOOLTEST_FAIL tCVE_2018_11206_fill_new.h5 | ||
|
||
# Clean up temporary files/directories | ||
CLEAN_TESTFILES_AND_TESTDIR | ||
|
||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wonder if ADD_H5_TEST should be ADD_H5_GREP_TEST and search that the test failure that is expected and doesn't fail for some other reason.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure, but TOOLTEST_FAIL took care of that, it would detect the segfault. I wish the author would put some comments to these macros... :-/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh it segfaults - okay then this is fine.