Heap-buffer-overflow in H5A__read #4351
Labels
Component - C Library
Core C library issues (usually in the src directory)
Priority - 1. High 🔼
These are important issues that should be resolved in the next release
Type - Bug / Bugfix
Please report security issues to [email protected] instead of creating an issue on GitHub
Type - Security
Security issues, including library crashers and memory leaks
Milestone
Describe the bug
==5605==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000657c at pc 0x00000049ef41 bp 0x7ffd4583ea30 sp 0x7ffd4583e200
READ of size 8 at 0x60200000657c thread T0
SCARINESS: 23 (8-byte-read-heap-buffer-overflow)
# 0 0x49ef40 in __asan_memcpy /src/llvm-project/compiler-rt/lib/asan/asan_interceptors_memintrinsics.cpp:22:3
# 1 0x692165 in H5A__read hdf5/src/H5Aint.c:721:17
# 2 0xf5ef7f in H5VL__native_attr_read hdf5/src/H5VLnative_attr.c:213:22
# 3 0xf1fd95 in H5VL__attr_read hdf5/src/H5VLcallback.c:1204:9
# 4 0xf1fd95 in H5VL_attr_read hdf5/src/H5VLcallback.c:1235:9
# 5 0x67d103 in H5A__read_api_common hdf5/src/H5A.c:1006:9
# 6 0x67cc33 in H5Aread hdf5/src/H5A.c:1038:9
0x60200000657c is located 0 bytes to the right of 12-byte region [0x602000006570,0x60200000657c)
allocated by thread T0 here:
# 0 0x49fbb6 in __interceptor_malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:69:3
# 1 0x89e90e in H5FL__malloc hdf5/src/H5FL.c:231:30
# 2 0x89e90e in H5FL_blk_malloc hdf5/src/H5FL.c:848:40
# 3 0x9e2b56 in H5O__attr_decode hdf5/src/H5Oattr.c:280:43
# 4 0x9e2b56 in H5O__attr_shared_decode hdf5/src/H5Oshared.h:73:34
# 5 0xa6396f in H5O__msg_iterate_real hdf5/src/H5Omessage.c:1159:13
# 6 0x9e9212 in H5O__attr_open_by_name hdf5/src/H5Oattribute.c:493:17
# 7 0x691593 in H5A__open_by_name hdf5/src/H5Aint.c:629:25
# 8 0xf5ea34 in H5VL__native_attr_open hdf5/src/H5VLnative_attr.c:169:29
# 9 0xf1f33f in H5VL__attr_open hdf5/src/H5VLcallback.c:1104:30
# 10 0xf1f33f in H5VL_attr_open hdf5/src/H5VLcallback.c:1136:30
# 11 0x68d48a in H5A__open_common hdf5/src/H5A.c:459:17
# 12 0x679833 in H5A__open_by_name_api_common hdf5/src/H5A.c:636:22
# 13 0x6791f4 in H5Aopen_by_name hdf5/src/H5A.c:674:14
Additional context
Reported for c5c4713.
The text was updated successfully, but these errors were encountered: