From 9d7a4e95388545b16216e394fdbcb0d057a3349b Mon Sep 17 00:00:00 2001 From: Matthew Larson Date: Mon, 19 Aug 2024 14:55:36 -0500 Subject: [PATCH 1/2] Fix segfault in s3 credential parsing --- src/H5FDs3comms.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/H5FDs3comms.c b/src/H5FDs3comms.c index 4b1ff0091aa..08735cfe38a 100644 --- a/src/H5FDs3comms.c +++ b/src/H5FDs3comms.c @@ -1751,6 +1751,7 @@ H5FD__s3comms_load_aws_creds_from_file(FILE *file, const char *profile_name, cha unsigned setting_i = 0; int found_setting = 0; char *line_buffer = &(buffer[0]); + size_t end = 0; FUNC_ENTER_PACKAGE @@ -1761,8 +1762,7 @@ H5FD__s3comms_load_aws_creds_from_file(FILE *file, const char *profile_name, cha /* look for start of profile */ do { /* clear buffer */ - for (buffer_i = 0; buffer_i < 128; buffer_i++) - buffer[buffer_i] = 0; + memset(buffer, 0, 128); line_buffer = fgets(line_buffer, 128, file); if (line_buffer == NULL) /* reached end of file */ @@ -1772,8 +1772,7 @@ H5FD__s3comms_load_aws_creds_from_file(FILE *file, const char *profile_name, cha /* extract credentials from lines */ do { /* clear buffer */ - for (buffer_i = 0; buffer_i < 128; buffer_i++) - buffer[buffer_i] = 0; + memset(buffer, 0, 128); /* collect a line from file */ line_buffer = fgets(line_buffer, 128, file); @@ -1812,10 +1811,11 @@ H5FD__s3comms_load_aws_creds_from_file(FILE *file, const char *profile_name, cha strncpy(setting_pointers[setting_i], (const char *)line_buffer, strlen(line_buffer)); /* "trim" tailing whitespace by replacing with null terminator*/ - buffer_i = 0; - while (!isspace(setting_pointers[setting_i][buffer_i])) - buffer_i++; - setting_pointers[setting_i][buffer_i] = '\0'; + end = strlen(line_buffer) - 1; + while (end >= 0 && isspace((unsigned char)setting_pointers[setting_i][end])) { + setting_pointers[setting_i][end] = '\0'; + end--; + } break; /* have read setting; don't compare with others */ } /* end if possible name match */ 
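Review bot: A line longer than 127 bytes is not handled in either read loop (the hunks at -1761 and -1772). `fgets(line_buffer, 128, file)` returns such a line in pieces, and the remainder is then processed as though it started a new line, so the tail of an over-long line could be matched as a profile header or a setting. After each read, check that the buffer ends in `'\n'` (or that EOF was reached) and skip or reject the rest of the line otherwise. The literal 128 now appears in both `memset` and `fgets`; if `buffer` is a local array (its declaration is outside the hunk), `sizeof(buffer)` would keep the two in step.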
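Review bot: The `strncpy` just above the rewritten trim loop in the -1812 hunk is bounded by `strlen(line_buffer)`, the length of the source, not by the capacity of the buffer that `setting_pointers[setting_i]` points to. A value read from the credentials file can be up to 127 bytes, and the destination sizes are not visible here, so nothing in the hunk shows the copy fits. The call also never writes a terminator, so it relies on the destination having been zeroed beforehand. The function would need the destination capacities passed in (or fixed by a shared constant) so that a value which does not fit, terminator included, is rejected before the copy.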
From cabec325ca1631acb83eddd7853dee7e57acd4b0 Mon Sep 17 00:00:00 2001 From: Matthew Larson Date: Tue, 20 Aug 2024 09:20:40 -0500 Subject: [PATCH 2/2] Fix AWS cred parsing when >1 profile provided --- src/H5FDs3comms.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/src/H5FDs3comms.c b/src/H5FDs3comms.c index 08735cfe38a..1d5ee2608e1 100644 --- a/src/H5FDs3comms.c +++ b/src/H5FDs3comms.c @@ -1671,6 +1671,9 @@ H5FD_s3comms_HMAC_SHA256(const unsigned char *key, size_t key_len, const char *m FUNC_ENTER_NOAPI_NOINIT + if (!key) + HGOTO_ERROR(H5E_ARGS, H5E_BADVALUE, FAIL, "signing key not provided"); + if (dest == NULL) HGOTO_ERROR(H5E_ARGS, H5E_BADVALUE, FAIL, "destination cannot be null."); @@ -1771,8 +1774,9 @@ H5FD__s3comms_load_aws_creds_from_file(FILE *file, const char *profile_name, cha /* extract credentials from lines */ do { - /* clear buffer */ + /* clear buffer and flag */ memset(buffer, 0, 128); + found_setting = 0; /* collect a line from file */ line_buffer = fgets(line_buffer, 128, file); @@ -1812,7 +1816,7 @@ H5FD__s3comms_load_aws_creds_from_file(FILE *file, const char *profile_name, cha /* "trim" tailing whitespace by replacing with null terminator*/ end = strlen(line_buffer) - 1; - while (end >= 0 && isspace((unsigned char)setting_pointers[setting_i][end])) { + while (end > 0 && isspace((int)setting_pointers[setting_i][end])) { setting_pointers[setting_i][end] = '\0'; end--; } @@ -2173,7 +2177,7 @@ H5FD_s3comms_signing_key(unsigned char *md, const char *secret, const char *regi HGOTO_ERROR(H5E_ARGS, H5E_BADVALUE, FAIL, "`iso8601now` cannot be NULL."); AWS4_secret_len = 4 + strlen(secret) + 1; - AWS4_secret = (char *)H5MM_malloc(sizeof(char *) * AWS4_secret_len); + AWS4_secret = (char *)H5MM_malloc(AWS4_secret_len); if (AWS4_secret == NULL) HGOTO_ERROR(H5E_ARGS, H5E_BADVALUE, FAIL, "Could not allocate space."); 
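Review bot: Replacing the `(unsigned char)` cast with `(int)` in the `isspace` call of the -1812 hunk brings back undefined behaviour for bytes above 0x7F on platforms where `char` is signed, because the argument becomes negative; keep `isspace((unsigned char)setting_pointers[setting_i][end])`. The loop still starts from `strlen(line_buffer) - 1`, which wraps to `SIZE_MAX` if the value is empty (whether that can happen depends on the matching code outside the hunk), and `end > 0` then passes and indexes far out of bounds. With `end > 0`, index 0 is also never examined, so an all-whitespace value keeps its first character. Counting down from the length avoids both: `end = strlen(line_buffer); while (end > 0 && isspace((unsigned char)setting_pointers[setting_i][end - 1])) setting_pointers[setting_i][--end] = '\0';`.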
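Review bot: The heap buffer `AWS4_secret` allocated in the -2173 hunk holds a copy of the secret access key, and it should be wiped before it is released. The release path is outside the hunk, so this is something to confirm rather than a defect visible here; a plain `memset` directly before the free can be optimised away, so the wipe needs a form the compiler cannot drop. Separately, the allocation failure on the following line is reported as `H5E_ARGS, H5E_BADVALUE`, which reads as a caller error; `H5E_RESOURCE, H5E_CANTALLOC` would describe it accurately.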
@@ -2188,10 +2192,13 @@ H5FD_s3comms_signing_key(unsigned char *md, const char *secret, const char *regi HMAC(EVP_sha256(), (const unsigned char *)AWS4_secret, (int)strlen(AWS4_secret), (const unsigned char *)iso8601now, 8, /* 8 --> length of 8 --> "yyyyMMDD" */ datekey, NULL); + HMAC(EVP_sha256(), (const unsigned char *)datekey, SHA256_DIGEST_LENGTH, (const unsigned char *)region, strlen(region), dateregionkey, NULL); + HMAC(EVP_sha256(), (const unsigned char *)dateregionkey, SHA256_DIGEST_LENGTH, (const unsigned char *)"s3", 2, dateregionservicekey, NULL); + HMAC(EVP_sha256(), (const unsigned char *)dateregionservicekey, SHA256_DIGEST_LENGTH, (const unsigned char *)"aws4_request", 12, md, NULL);