profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/bmribler/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.

HDFGroup/hdf4 2

Official HDF4 Library Repository

bmribler/hdf4 0

Official HDF4 Library Repository

bmribler/hdf5 0

Official HDF5® Library Repository

pull request commentHDFGroup/hdf5

Fixed HDFFV-11052 (CVE-2020-10812)

This change does not appear to fix the bug. How does f->shared unexpectedly become NULL? The corrupted file caused wacky things to happen, Dave. Dana helped me and I'm making changes to the ...changes. As I mentioned in the Description, this is a temporary workaround that a few of us discussed and decided to present to other developers for more suggestions.

bmribler

comment created time in 2 hours

pull request commentHDFGroup/hdf5

Fixed HDFFV-11052 (CVE-2020-10812)

After I applied the changes, the core dump was avoided but I got the infinite loop error: HDF5: infinite loop closing library L,T_top,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F,F

I created this draft PR so you can look over the changes and give me suggestions to eliminate the infinite loop error. I think H5L_table_g was not 0 causing that but what can I do?

bmribler

comment created time in 15 hours

Pull request review commentHDFGroup/hdf5

Fixed HDFFV-11052 (CVE-2020-10812)

 H5VL__native_file_optional(void *obj, H5VL_optional_args_t *args, hid_t H5_ATTR_  * Return:      Success:    SUCCEED  *              Failure:    FAIL (file will not be closed)  *+ * Modifications:+ *+ *              BMR -- 9/15/21+ *              Temporary solution for CVE-2020-10812:+ *                  Added a check for the returned value of H5F_NREFS to detect+ *                  a file shared pointer being null possibly due to file+ *                  corruption.  When that situation occurs, H5F_NREFS will return+ *                  UINT_MAX.  This is to avoid core dump in production mode.  *-------------------------------------------------------------------------  */ herr_t H5VL__native_file_close(void *file, hid_t H5_ATTR_UNUSED dxpl_id, void H5_ATTR_UNUSED **req) {-    int    nref;-    H5F_t *f         = (H5F_t *)file;-    hid_t  file_id   = H5I_INVALID_HID;-    herr_t ret_value = SUCCEED; /* Return value */+    int      nref;+    H5F_t *  f         = (H5F_t *)file;+    hid_t    file_id   = H5I_INVALID_HID;+    unsigned f_nrefs   = UINT_MAX;+    herr_t   ret_value = SUCCEED; /* Return value */ 

I'm a bit confused about H5I_get_ref() and H5F_NREFS -> H5F_get_nrefs, please confirm that the use of these two functions here are correct.

bmribler

comment created time in 15 hours

PullRequestReviewEvent

PR opened HDFGroup/hdf5

Fixed HDFFV-11052 (CVE-2020-10812)

Description The tool h5debug on a corrupted file produced a core dump. The issue occurred during failure recovery when a null shared file pointer was being accessed.

A permanent solution to handle corrupted file during failure recovery
will require more careful consideration to avoid bad side-effects to
other parts of the library.  In the meantime, a workaround is used to
catch the attempt of accessing the null shared file pointer.  The tool
will then return error instead of segfault.

Platforms tested: Linux/64 (jelly)

+31 -5

0 comment

2 changed files

pr created time in 15 hours

create barnchHDFGroup/hdf5

branch : bmr_hdf5_cve

created branch time in 15 hours

PullRequestReviewEvent
PullRequestReviewEvent
PullRequestReviewEvent

PR opened HDFGroup/hdf5doc

Updated C++ RM for 1.12.1 release.
+38205 -23613

0 comment

344 changed files

pr created time in 2 months

push eventbmribler/hdf5doc

Binh-Minh Ribler

commit sha 84f68c33a2d17a9c15e12f790469b62bfc82b530

Updated C++ RM for 1.12.1 release.

view details

push time in 2 months

PullRequestReviewEvent
PullRequestReviewEvent

Pull request review commentHDFGroup/hdf5

1.12 Update docs with plugins usage and fix version refs

 This tar file contains     CTestScript.cmake     HDF5config.cmake    CMake scripts for building HDF5     HDF5options.cmake-    hdf5-1.12.1         HDF5 1.12.1 source+    hdf5-1.12.2         HDF5 1.12.1 source

OK then.

byrnHDF

comment created time in 2 months

Pull request review commentHDFGroup/hdf5

1.12 Update docs with plugins usage and fix version refs

 This tar file contains     CTestScript.cmake     HDF5config.cmake    CMake scripts for building HDF5     HDF5options.cmake-    hdf5-1.12.1         HDF5 1.12.1 source+    hdf5-1.12.2         HDF5 1.12.2 source

Still confused. 1.12.2?

byrnHDF

comment created time in 2 months

PullRequestReviewEvent
PullRequestReviewEvent
PullRequestReviewEvent

Pull request review commentHDFGroup/hdf5

Release notes

 HDF5 version 1.12.1 released on 2021-06-25 INTRODUCTION ============ -This document describes the new features introduced in the HDF5 1.12.0 release.+This document describes the new features introduced in the HDF5 1.12.1 release. It contains information on the platforms tested and known problems in this release. For more details check the HISTORY*.txt files in the HDF5 source.

"For more details, check the" very minor, only if you do something else

lrknox

comment created time in 2 months

PullRequestReviewEvent

Pull request review commentHDFGroup/hdf5

Update docs with plugins usage and fix version refs

 This tar file contains     CTestScript.cmake     HDF5config.cmake    CMake scripts for building HDF5     HDF5options.cmake-    hdf5-1.12.1         HDF5 1.12.1 source+    hdf5-1.12.2         HDF5 1.12.1 source

I'm confused with all these 1.12.2, 1.12.6, 1.12.7,...

byrnHDF

comment created time in 2 months

PullRequestReviewEvent

Pull request review commentHDFGroup/hdf5

Update docs with plugins usage and fix version refs

 tar2cmakezip()     (cd $cmziptmpsubdir; echo "ctest -S HDF5config.cmake,BUILD_GENERATOR=VS201564 -C Release -V -O hdf5.log" > build-VS2015-64.bat; chmod 755 build-VS2015-64.bat)     (cd $cmziptmpsubdir; echo "ctest -S HDF5config.cmake,BUILD_GENERATOR=VS2017 -C Release -V -O hdf5.log" > build-VS2017-32.bat; chmod 755 build-VS2017-32.bat)     (cd $cmziptmpsubdir; echo "ctest -S HDF5config.cmake,BUILD_GENERATOR=VS201764 -C Release -V -O hdf5.log" > build-VS2017-64.bat; chmod 755 build-VS2017-64.bat)+    (cd $cmziptmpsubdir; echo "ctest -S HDF5config.cmake,BUILD_GENERATOR=VS2019 -C Release -V -O hdf5.log" > build-VS2019-32.bat; chmod 755 build-VS2017-32.bat)+    (cd $cmziptmpsubdir; echo "ctest -S HDF5config.cmake,BUILD_GENERATOR=VS201964 -C Release -V -O hdf5.log" > build-VS2019-64.bat; chmod 755 build-VS2017-64.bat)      # step 3: add LIBAEC.tar.gz, ZLib.tar.gz and cmake files     cp /mnt/scr1/pre-release/hdf5/CMake/LIBAEC.tar.gz $cmziptmpsubdir     cp /mnt/scr1/pre-release/hdf5/CMake/ZLib.tar.gz $cmziptmpsubdir-    cp /mnt/scr1/pre-release/hdf5/CMake/HDF5Examples-1.12.6-Source.zip $cmziptmpsubdir+    cp /mnt/scr1/pre-release/hdf5/CMake/HDF5Examples-1.12.7-Source.zip $cmziptmpsubdir+    cp /mnt/scr1/pre-release/hdf5/CMake/hdf5_plugins-1_12_1.zip $cmziptmpsubdir

What with 1.12.6 and 1.12.7? If correct, just ignore me.

byrnHDF

comment created time in 2 months

PullRequestReviewEvent

Pull request review commentHDFGroup/hdf5

Update docs with plugins usage and fix version refs

 tar2cmakezip()     (cd $cmziptmpsubdir; echo "ctest -S HDF5config.cmake,BUILD_GENERATOR=VS201564 -C Release -V -O hdf5.log" > build-VS2015-64.bat; chmod 755 build-VS2015-64.bat)     (cd $cmziptmpsubdir; echo "ctest -S HDF5config.cmake,BUILD_GENERATOR=VS2017 -C Release -V -O hdf5.log" > build-VS2017-32.bat; chmod 755 build-VS2017-32.bat)     (cd $cmziptmpsubdir; echo "ctest -S HDF5config.cmake,BUILD_GENERATOR=VS201764 -C Release -V -O hdf5.log" > build-VS2017-64.bat; chmod 755 build-VS2017-64.bat)+    (cd $cmziptmpsubdir; echo "ctest -S HDF5config.cmake,BUILD_GENERATOR=VS2019 -C Release -V -O hdf5.log" > build-VS2019-32.bat; chmod 755 build-VS2017-32.bat)+    (cd $cmziptmpsubdir; echo "ctest -S HDF5config.cmake,BUILD_GENERATOR=VS201964 -C Release -V -O hdf5.log" > build-VS2019-64.bat; chmod 755 build-VS2017-64.bat)

2017?

byrnHDF

comment created time in 2 months

PullRequestReviewEvent

Pull request review commentHDFGroup/hdf5

Changes to docs for using plugins

 I. Preconditions     2. You have installed the HDF5 library built with CMake, by executing       the HDF Install Utility (the *.msi file in the binary package for-      Windows). If you are using a Windows platform, you can obtain a-      pre-built Windows binary from The HDF Group's website at+      Windows). You can obtain pre-built binaries from The HDF Group's website at       www.hdfgroup.org.     3. Set the environment variable HDF5_DIR to the installed location of-      the config files for HDF5. On Windows:+      the config files for HDF5.+         On Windows:             HDF5_DIR=C:/Program Files/HDF_Group/HDF5/1.13.x/cmake+         On unix:+            HDF5_DIR=<install root folder>/HDF_Group/HDF5/1.13.x/cmake

Why 1.13.x?

byrnHDF

comment created time in 2 months

PullRequestReviewEvent