[arch-commits] Commit in hdf5-openmpi/trunk (PKGBUILD hdf51.10-CVE2016.patch)
Bruno Pagani
archange at archlinux.org
Sat Jun 17 14:57:17 UTC 2017
Date: Saturday, June 17, 2017 @ 14:57:15
Author: archange
Revision: 237925
upgpkg: hdf5-openmpi 1.10.1-1
Remove CVE patch, fixed upstream in this release.
Modified:
hdf5-openmpi/trunk/PKGBUILD
Deleted:
hdf5-openmpi/trunk/hdf51.10-CVE2016.patch
------------------------+
PKGBUILD | 16 +-
hdf51.10-CVE2016.patch | 280 -----------------------------------------------
2 files changed, 7 insertions(+), 289 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2017-06-17 14:57:14 UTC (rev 237924)
+++ PKGBUILD 2017-06-17 14:57:15 UTC (rev 237925)
@@ -10,9 +10,8 @@
_pkgname=hdf5
_mpi=openmpi
pkgname=${_pkgname}-${_mpi}
-_patch=patch1
-pkgver=1.10.0_${_patch}
-pkgrel=3
+pkgver=1.10.1
+pkgrel=1
pkgdesc="General purpose library and file format for storing scientific data (${_mpi} version)"
arch=('i686' 'x86_64')
url="https://www.hdfgroup.org/HDF5/"
@@ -23,16 +22,13 @@
conflicts=('hdf5')
replaces=("hdf5-fortran-${_mpi}")
source=("https://support.hdfgroup.org/ftp/HDF5/releases/${_pkgname}-${pkgver:0:4}/${_pkgname}-${pkgver/_/-}/src/${_pkgname}-${pkgver/_/-}.tar.bz2"
- 'mpi.patch'
- 'hdf51.10-CVE2016.patch')
-md5sums=('f6d980febe2c35c11670a9b34fa3b487'
- 'dfa8dd50b8a7ebb3ad7249c627156cf9'
- 'ebc0db3fe6d55dc39f63143ebb6327d4')
+ 'mpi.patch')
+md5sums=('d89893c05ee7ea8611b51bb39450d64e'
+ 'dfa8dd50b8a7ebb3ad7249c627156cf9')
prepare() {
cd ${_pkgname}-${pkgver/_/-}
- patch -p0 -i ../hdf51.10-CVE2016.patch
# FS#33343
patch -p1 -i ../mpi.patch
}
@@ -66,6 +62,8 @@
make -j1 DESTDIR="${pkgdir}" install
+ rm -rf "${pkgdir}"/usr/lib/libdynlib*.so
+
install -dm755 "${pkgdir}"/usr/share/${_pkgname}
mv "${pkgdir}"/usr/share/{hdf5_examples,${_pkgname}/examples}
Deleted: hdf51.10-CVE2016.patch
===================================================================
--- hdf51.10-CVE2016.patch 2017-06-17 14:57:14 UTC (rev 237924)
+++ hdf51.10-CVE2016.patch 2017-06-17 14:57:15 UTC (rev 237925)
@@ -1,280 +0,0 @@
-diff --git src/H5Ocache.c src/H5Ocache.c
-index 831b08a..eab0fd2 100644
---- src/H5Ocache.c
-+++ src/H5Ocache.c
-@@ -1433,6 +1433,10 @@ H5O__chunk_deserialize(H5O_t *oh, haddr_t addr, size_t len, const uint8_t *image
- HGOTO_ERROR(H5E_OHDR, H5E_CANTLOAD, FAIL, "bad flag combination for message")
- if((flags & H5O_MSG_FLAG_WAS_UNKNOWN) && !(flags & H5O_MSG_FLAG_MARK_IF_UNKNOWN))
- HGOTO_ERROR(H5E_OHDR, H5E_CANTLOAD, FAIL, "bad flag combination for message")
-+ if((flags & H5O_MSG_FLAG_SHAREABLE)
-+ && H5O_msg_class_g[id]
-+ && !(H5O_msg_class_g[id]->share_flags & H5O_SHARE_IS_SHARABLE))
-+ HGOTO_ERROR(H5E_OHDR, H5E_CANTLOAD, FAIL, "message of unsharable class flagged as sharable")
-
- /* Reserved bytes/creation index */
- if(oh->version == H5O_VERSION_1)
-diff --git src/H5Odtype.c src/H5Odtype.c
-index e51d319..799f475 100644
---- src/H5Odtype.c
-+++ src/H5Odtype.c
-@@ -311,7 +311,11 @@ H5O_dtype_decode_helper(H5F_t *f, unsigned *ioflags/*in,out*/, const uint8_t **p
- if(version == H5O_DTYPE_VERSION_1) {
- /* Decode the number of dimensions */
- ndims = *(*pp)++;
-- HDassert(ndims <= 4);
-+
-+ /* Check that ndims is valid */
-+ if(ndims > 4)
-+ HGOTO_ERROR(H5E_DATATYPE, H5E_BADTYPE, FAIL, "invalid number of dimensions for array")
-+
- *pp += 3; /*reserved bytes */
-
- /* Skip dimension permutation */
-@@ -519,7 +523,8 @@ H5O_dtype_decode_helper(H5F_t *f, unsigned *ioflags/*in,out*/, const uint8_t **p
- dt->shared->u.array.ndims = *(*pp)++;
-
- /* Double-check the number of dimensions */
-- HDassert(dt->shared->u.array.ndims <= H5S_MAX_RANK);
-+ if(dt->shared->u.array.ndims > H5S_MAX_RANK)
-+ HGOTO_ERROR(H5E_DATATYPE, H5E_CANTLOAD, FAIL, "too many dimensions for array datatype")
-
- /* Skip reserved bytes, if version has them */
- if(version < H5O_DTYPE_VERSION_3)
-diff --git src/H5Opkg.h src/H5Opkg.h
-index 7473397..0fefa21 100644
---- src/H5Opkg.h
-+++ src/H5Opkg.h
-@@ -212,6 +212,7 @@
- \
- /* Set the message's "shared info", if it's shareable */ \
- if((MSG)->flags & H5O_MSG_FLAG_SHAREABLE) { \
-+ HDassert(msg_type->share_flags & H5O_SHARE_IS_SHARABLE); \
- H5O_UPDATE_SHARED((H5O_shared_t *)(MSG)->native, H5O_SHARE_TYPE_HERE, (F), msg_type->id, (MSG)->crt_idx, (OH)->chunk[0].addr) \
- } /* end if */ \
- \
-diff --git src/H5Znbit.c src/H5Znbit.c
-index e2fb300..ca9f52a 100644
---- src/H5Znbit.c
-+++ src/H5Znbit.c
-@@ -60,11 +60,11 @@ static void H5Z_nbit_decompress_one_nooptype(unsigned char *data, size_t data_of
- unsigned char *buffer, size_t *j, int *buf_len, unsigned size);
- static void H5Z_nbit_decompress_one_atomic(unsigned char *data, size_t data_offset,
- unsigned char *buffer, size_t *j, int *buf_len, parms_atomic p);
--static void H5Z_nbit_decompress_one_array(unsigned char *data, size_t data_offset,
-+static herr_t H5Z__nbit_decompress_one_array(unsigned char *data, size_t data_offset,
- unsigned char *buffer, size_t *j, int *buf_len, const unsigned parms[]);
--static void H5Z_nbit_decompress_one_compound(unsigned char *data, size_t data_offset,
-+static herr_t H5Z__nbit_decompress_one_compound(unsigned char *data, size_t data_offset,
- unsigned char *buffer, size_t *j, int *buf_len, const unsigned parms[]);
--static void H5Z_nbit_decompress(unsigned char *data, unsigned d_nelmts, unsigned char *buffer,
-+static herr_t H5Z__nbit_decompress(unsigned char *data, unsigned d_nelmts, unsigned char *buffer,
- const unsigned parms[]);
- static void H5Z_nbit_compress_one_nooptype(unsigned char *data, size_t data_offset,
- unsigned char *buffer, size_t *j, int *buf_len, unsigned size);
-@@ -990,7 +990,8 @@ H5Z_filter_nbit(unsigned flags, size_t cd_nelmts, const unsigned cd_values[],
- HGOTO_ERROR(H5E_RESOURCE, H5E_NOSPACE, 0, "memory allocation failed for nbit decompression")
-
- /* decompress the buffer */
-- H5Z_nbit_decompress(outbuf, d_nelmts, (unsigned char *)*buf, cd_values);
-+ if(H5Z__nbit_decompress(outbuf, d_nelmts, (unsigned char *)*buf, cd_values) < 0)
-+ HGOTO_ERROR(H5E_PLINE, H5E_CANTFILTER, 0, "can't decompress buffer")
- } /* end if */
- /* output; compress */
- else {
-@@ -1139,12 +1140,15 @@ H5Z_nbit_decompress_one_atomic(unsigned char *data, size_t data_offset,
- }
- }
-
--static void
--H5Z_nbit_decompress_one_array(unsigned char *data, size_t data_offset,
-+static herr_t
-+H5Z__nbit_decompress_one_array(unsigned char *data, size_t data_offset,
- unsigned char *buffer, size_t *j, int *buf_len, const unsigned parms[])
- {
- unsigned i, total_size, base_class, base_size, n, begin_index;
- parms_atomic p;
-+ herr_t ret_value = SUCCEED; /* Return value */
-+
-+ FUNC_ENTER_STATIC
-
- total_size = parms[parms_index++];
- base_class = parms[parms_index++];
-@@ -1155,7 +1159,12 @@ H5Z_nbit_decompress_one_array(unsigned char *data, size_t data_offset,
- p.order = parms[parms_index++];
- p.precision = parms[parms_index++];
- p.offset = parms[parms_index++];
-- n = total_size/p.size;
-+
-+ /* Check values of precision and offset */
-+ if(p.precision > p.size * 8 || (p.precision + p.offset) > p.size * 8)
-+ HGOTO_ERROR(H5E_PLINE, H5E_BADTYPE, FAIL, "invalid datatype precision/offset")
-+
-+ n = total_size / p.size;
- for(i = 0; i < n; i++)
- H5Z_nbit_decompress_one_atomic(data, data_offset + i*p.size,
- buffer, j, buf_len, p);
-@@ -1165,8 +1174,9 @@ H5Z_nbit_decompress_one_array(unsigned char *data, size_t data_offset,
- n = total_size/base_size; /* number of base_type elements inside the array datatype */
- begin_index = parms_index;
- for(i = 0; i < n; i++) {
-- H5Z_nbit_decompress_one_array(data, data_offset + i*base_size,
-- buffer, j, buf_len, parms);
-+ if(H5Z__nbit_decompress_one_array(data, data_offset + i * base_size,
-+ buffer, j, buf_len, parms) < 0)
-+ HGOTO_ERROR(H5E_PLINE, H5E_CANTFILTER, FAIL, "can't decompress array")
- parms_index = begin_index;
- }
- break;
-@@ -1175,8 +1185,9 @@ H5Z_nbit_decompress_one_array(unsigned char *data, size_t data_offset,
- n = total_size/base_size; /* number of base_type elements inside the array datatype */
- begin_index = parms_index;
- for(i = 0; i < n; i++) {
-- H5Z_nbit_decompress_one_compound(data, data_offset + i*base_size,
-- buffer, j, buf_len, parms);
-+ if(H5Z__nbit_decompress_one_compound(data, data_offset + i * base_size,
-+ buffer, j, buf_len, parms) < 0)
-+ HGOTO_ERROR(H5E_PLINE, H5E_CANTFILTER, FAIL, "can't decompress compound")
- parms_index = begin_index;
- }
- break;
-@@ -1187,51 +1198,76 @@ H5Z_nbit_decompress_one_array(unsigned char *data, size_t data_offset,
- default:
- HDassert(0 && "This Should never be executed!");
- } /* end switch */
-+
-+done:
-+ FUNC_LEAVE_NOAPI(ret_value)
- }
-
--static void
--H5Z_nbit_decompress_one_compound(unsigned char *data, size_t data_offset,
-+static herr_t
-+H5Z__nbit_decompress_one_compound(unsigned char *data, size_t data_offset,
- unsigned char *buffer, size_t *j, int *buf_len, const unsigned parms[])
- {
-- unsigned i, nmembers, member_offset, member_class, size;
-+ unsigned i, nmembers, member_offset, member_class, member_size, used_size = 0, size;
- parms_atomic p;
-+ herr_t ret_value = SUCCEED; /* Return value */
-
-- parms_index++; /* skip total size of compound datatype */
-+ FUNC_ENTER_STATIC
-+
-+ size = parms[parms_index++];
- nmembers = parms[parms_index++];
-
- for(i = 0; i < nmembers; i++) {
- member_offset = parms[parms_index++];
- member_class = parms[parms_index++];
-+
-+ /* Check for overflow */
-+ member_size = parms[parms_index];
-+ used_size += member_size;
-+ if(used_size > size)
-+ HGOTO_ERROR(H5E_PLINE, H5E_BADTYPE, FAIL, "compound member offset overflowed compound size")
- switch(member_class) {
- case H5Z_NBIT_ATOMIC:
-- p.size = parms[parms_index++];
-+ p.size = member_size;
-+ /* Advance past member size */
-+ parms_index++;
- p.order = parms[parms_index++];
- p.precision = parms[parms_index++];
- p.offset = parms[parms_index++];
-+
-+ /* Check values of precision and offset */
-+ if(p.precision > p.size * 8 || (p.precision + p.offset) > p.size * 8)
-+ HGOTO_ERROR(H5E_PLINE, H5E_BADTYPE, FAIL, "invalid datatype precision/offset")
-+
- H5Z_nbit_decompress_one_atomic(data, data_offset + member_offset,
- buffer, j, buf_len, p);
- break;
- case H5Z_NBIT_ARRAY:
-- H5Z_nbit_decompress_one_array(data, data_offset + member_offset,
-- buffer, j, buf_len, parms);
-+ if(H5Z__nbit_decompress_one_array(data, data_offset + member_offset,
-+ buffer, j, buf_len, parms) < 0)
-+ HGOTO_ERROR(H5E_PLINE, H5E_CANTFILTER, FAIL, "can't decompress array")
- break;
- case H5Z_NBIT_COMPOUND:
-- H5Z_nbit_decompress_one_compound(data, data_offset+member_offset,
-- buffer, j, buf_len, parms);
-+ if(H5Z__nbit_decompress_one_compound(data, data_offset+member_offset,
-+ buffer, j, buf_len, parms) < 0)
-+ HGOTO_ERROR(H5E_PLINE, H5E_CANTFILTER, FAIL, "can't decompress compound")
- break;
- case H5Z_NBIT_NOOPTYPE:
-- size = parms[parms_index++];
-+ /* Advance past member size */
-+ parms_index++;
- H5Z_nbit_decompress_one_nooptype(data, data_offset+member_offset,
-- buffer, j, buf_len, size);
-+ buffer, j, buf_len, member_size);
- break;
- default:
- HDassert(0 && "This Should never be executed!");
- } /* end switch */
- }
-+
-+done:
-+ FUNC_LEAVE_NOAPI(ret_value)
- }
-
--static void
--H5Z_nbit_decompress(unsigned char *data, unsigned d_nelmts, unsigned char *buffer,
-+static herr_t
-+H5Z__nbit_decompress(unsigned char *data, unsigned d_nelmts, unsigned char *buffer,
- const unsigned parms[])
- {
- /* i: index of data, j: index of buffer,
-@@ -1239,6 +1275,9 @@ H5Z_nbit_decompress(unsigned char *data, unsigned d_nelmts, unsigned char *buffe
- size_t i, j, size;
- int buf_len;
- parms_atomic p;
-+ herr_t ret_value = SUCCEED; /* Return value */
-+
-+ FUNC_ENTER_STATIC
-
- /* may not have to initialize to zeros */
- for(i = 0; i < d_nelmts*parms[4]; i++) data[i] = 0;
-@@ -1254,6 +1293,11 @@ H5Z_nbit_decompress(unsigned char *data, unsigned d_nelmts, unsigned char *buffe
- p.order = parms[5];
- p.precision = parms[6];
- p.offset = parms[7];
-+
-+ /* Check values of precision and offset */
-+ if(p.precision > p.size * 8 || (p.precision + p.offset) > p.size * 8)
-+ HGOTO_ERROR(H5E_PLINE, H5E_BADTYPE, FAIL, "invalid datatype precision/offset")
-+
- for(i = 0; i < d_nelmts; i++) {
- H5Z_nbit_decompress_one_atomic(data, i*p.size, buffer, &j, &buf_len, p);
- }
-@@ -1262,7 +1306,8 @@ H5Z_nbit_decompress(unsigned char *data, unsigned d_nelmts, unsigned char *buffe
- size = parms[4];
- parms_index = 4;
- for(i = 0; i < d_nelmts; i++) {
-- H5Z_nbit_decompress_one_array(data, i*size, buffer, &j, &buf_len, parms);
-+ if(H5Z__nbit_decompress_one_array(data, i*size, buffer, &j, &buf_len, parms) < 0)
-+ HGOTO_ERROR(H5E_PLINE, H5E_CANTFILTER, FAIL, "can't decompress array")
- parms_index = 4;
- }
- break;
-@@ -1270,13 +1315,17 @@ H5Z_nbit_decompress(unsigned char *data, unsigned d_nelmts, unsigned char *buffe
- size = parms[4];
- parms_index = 4;
- for(i = 0; i < d_nelmts; i++) {
-- H5Z_nbit_decompress_one_compound(data, i*size, buffer, &j, &buf_len, parms);
-+ if(H5Z__nbit_decompress_one_compound(data, i*size, buffer, &j, &buf_len, parms) < 0)
-+ HGOTO_ERROR(H5E_PLINE, H5E_CANTFILTER, FAIL, "can't decompress compound")
- parms_index = 4;
- }
- break;
- default:
- HDassert(0 && "This Should never be executed!");
- } /* end switch */
-+
-+done:
-+ FUNC_LEAVE_NOAPI(ret_value)
- }
-
- static void H5Z_nbit_compress_one_byte(unsigned char *data, size_t data_offset, int k, int begin_i,
More information about the arch-commits
mailing list