Segmentation violation with H5Gmove2 when passing in an invalid 'src_loc_id' #4737

abhibaruah · 2024-08-20T19:12:47Z

HDF5 version -> 1.14.4.3
OS and version -> Debian 12
Compiler and version -> g++

I have a reproduction code where I pass an invalid src_loc_id as the first parameter of H5Gmove2. While I would have expected this to throw an error, I see a segmentation violation instead.

Reproduction code:

#include "hdf5.h"
#include <stdio.h>
#include <stdlib.h>
#include <iostream>

#define FILE            "temp2.h5"
#define GROUPNAME       "/Data"
#define LINKNAME        "Data_link"


int main (void)
{
    hid_t           file, grpid, space, dset, dcpl;    /* Handles */
    herr_t          status;
					
	/*
     * Create a new file using the default properties.
     */
    file = H5Fcreate (FILE, H5F_ACC_TRUNC, H5P_DEFAULT, H5P_DEFAULT);
	
	grpid = H5Gcreate2(file, GROUPNAME, H5P_DEFAULT, H5P_DEFAULT, H5P_DEFAULT);
	
	std::cout << "Before H5Gmove" <<std::endl;
	status = H5Gmove2 (0, "/Soft2/CData", file, "/Data_link/Data_new1/CData");
	std::cout << "After H5Gmove" <<std::endl;
    	
	/*
     * Close and release resources.
     */
    status = H5Gclose(grpid);
    status = H5Fclose (file);

    return 0;
 

}

Output:
Before H5Gmove
Segmentation fault

The text was updated successfully, but these errors were encountered:

User's application segfaulted because the returned value H5I_BADID wasn't detected when H5I_get_type() was called. This PR adds checks for invalid file/group identifiers passed into H5Gmove2. Is that still necessary to check the returned value from H5I_get_type() or should the fix be checking the returned value from H5I_get_type() instead? This defect occurs in many other places, hence, issue HDFGroupGH-4764. Fixes HDFGroupGH-4737

User's application segfaulted because the returned value H5I_BADID wasn't detected when H5I_get_type() was called. This PR adds checks for invalid file/group identifiers passed into H5Gmove2. This defect occurs in many other places, hence, issue HDFGroupGH-4764. Fixes HDFGroup#4737

* Remove dummy comments that repeat function names. (#4775) * Fix grammar in H5Odtype.c comment block (#4777) * Add subfiling checks to the gcc action (#4776) * Replace non-VOL calls with VOL calls - part 3 (#4771) This PR switches H5I_object() to H5VL_vol_object() in H5O and H5T APIs. H5M is the last one and left out of this PR because it needs more work in documentation and there is no test for the API functions. Fixes GH-4730 * Add subfiling to CI more places where we test parallel (#4778) * CMake: gcc,, AOCC * Autotools: AOCC (gcc was added in a previous commit) NVHPC generates a lot of tools errors for some reason * Convert Collective Calls html file to doxygen (#4779) * Fix grammar in H5Fint.c comment block (#4782) * Improve the consistency of configure help messages (#4783) Fix grammar in configure message * Fixes Fortran parallel build race condition for tests (#4789) * Update URL documentation links to support site (#4781) * Fix grammar and simplify comment in H5Fint.c (#4790) * Fix char-subscripts warnings in H5private.h (#4793) * Bump the github-actions group with 3 updates (#4798) Bumps the github-actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [DoozyX/clang-format-lint-action](https://github.com/doozyx/clang-format-lint-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/checkout` from 4.1.1 to 4.1.7 - [Release notes](https://github.com/actions/checkout/releases) - [Commits](actions/checkout@v4.1.1...v4.1.7) Updates `DoozyX/clang-format-lint-action` from 0.17 to 0.18 - [Release notes](https://github.com/doozyx/clang-format-lint-action/releases) - [Commits](DoozyX/clang-format-lint-action@v0.17...v0.18) Updates `github/codeql-action` from 3.25.15 to 3.26.6 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@afb54ba...4dd1613) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: DoozyX/clang-format-lint-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Fix typo argueably in H5Cprivate.h (#4795) * Fix typos in H5Cpkg.h (#4796) * Add bounds checking to avoid Out-of-bounds Write for gif2h5 (#4786) * Replace non-VOL calls with VOL calls - part 5 (#4788) This PR switches H5I_object() and H5I_object_verify() to H5VL_vol_object() and H5VL_vol_object_verify(), respectively, in the H5M APIs and H5Gdeprec (was left out by mistake). This completes the fixes of issue GH-4730. * Correct the URL paths (#4802) * Fix a few issues with error reporting during sec2 reads/writes (#4794) * Update windows and apple signing process (#4806) * Use latest clang format action (#4807) * Correct path to document (#4808) * Detect invalid ID to H5Gmove2 (#4765) User's application segfaulted because the returned value H5I_BADID wasn't detected when H5I_get_type() was called. This PR adds checks for invalid file/group identifiers passed into H5Gmove2. This defect occurs in many other places, hence, issue GH-4764. Fixes #4737 * Fix use of public API calls (#4809) Switch public API calls to private ones. Root cause of #4672, which it fixes. Also minor code cleanups * Remove call to H5E_clear_stack() (#4810) Remove call to H5E_clear_stack() in H5G_node_debug() Add misc. minor cleanups * Enable win Intel signing (#4812) * Remove unneeded file name part (#4814) * Update NVHPC optimization settings (#4815) * Use -gopt in Autotools/CMake instead of -g * Autotools uses -O3 for release, -O1 for debug * Remove CMake optimization flag removal hack * Add mirror VFD to serial -Werror CI action (#4753) * Add mirror VFD to serial -Werror CI action * NUL terminate mirror_vfd.c strings * Add THREADS check to configuration file (#4746) * Cleanup threads package checks * Check first if package was found * Remove unnecessary dependent checks * Remove Unused options and fix names of option prefix * Rework RFC url in aliases (#4813) * Update config/cmake/hdf5-config.cmake.in _ENABLE_THREADS doesn't belong in hdf5_1_14

byrnHDF added Component - C Library Core C library issues (usually in the src directory) Type - Bug / Bugfix Please report security issues to [email protected] instead of creating an issue on GitHub labels Aug 21, 2024

ajelenak assigned bmribler Aug 22, 2024

bmribler mentioned this issue Aug 26, 2024

Returned value from H5I_get_type() is not checked #4764

Open

bmribler mentioned this issue Aug 26, 2024

Detect invalid ID to H5Gmove2 #4765

Merged

derobins added this to the 1.14.5 milestone Aug 29, 2024

derobins closed this as completed in #4765 Sep 6, 2024

derobins closed this as completed in a75542b Sep 6, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Segmentation violation with H5Gmove2 when passing in an invalid 'src_loc_id' #4737

Segmentation violation with H5Gmove2 when passing in an invalid 'src_loc_id' #4737

abhibaruah commented Aug 20, 2024

Segmentation violation with H5Gmove2 when passing in an invalid 'src_loc_id' #4737

Segmentation violation with H5Gmove2 when passing in an invalid 'src_loc_id' #4737

Comments

abhibaruah commented Aug 20, 2024