Open
Description
h5dump crashes when reading the following malformed files:
$ ./h5dump ~/t7.txt
h5dump error: internal error (file /home/nathan/github/hdf5/tools/src/h5dump/h5dump.c:line 1515)$ ./h5dump ~/t20.txt
HDF5 "/home/nathan/t20.txt" {
GROUP "/" {
DATASET "test-data" {
DATATYPE H5T_STD_U8LE
DATASPACE SIMPLE { ( 1002330 ) / ( 1002330 ) }
=================================================================
==7478==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7f196b2fe91b at pc 0x5626ec052db7 bp 0x7ffd7f64e1d0 sp 0x7ffd7f64d9a0
READ of size 1002330 at 0x7f196b2fe91b thread T0
#0 0x5626ec052db6 in __asan_memcpy (/home/nathan/github/hdf5/build/bin/h5dump+0xb5db6) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
#1 0x7f196f503f8a in H5VM_memcpyvv (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x1e38f8a) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#2 0x7f196df7c834 in H5D__compact_readvv H5Dcompact.c
#3 0x7f196e0735e2 in H5D__select_io H5Dselect.c
#4 0x7f196e070f01 in H5D__select_read (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x9a5f01) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#5 0x7f196df0ca82 in H5D__chunk_read H5Dchunk.c
#6 0x7f196e0341cc in H5D__read (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x9691cc) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#7 0x7f196f4b4cbf in H5VL__native_dataset_read (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x1de9cbf) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#8 0x7f196f4010dd in H5VL__dataset_read H5VLcallback.c
#9 0x7f196f40040e in H5VL_dataset_read (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x1d3540e) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#10 0x7f196deb1060 in H5D__read_api_common H5D.c
#11 0x7f196deaf79f in H5Dread (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x7e479f) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#12 0x7f196fccf678 in h5tools_dump_simple_dset h5tools_dump.c
#13 0x7f196fccd0e7 in h5tools_dump_dset (/home/nathan/github/hdf5/build/bin/libhdf5_tools.so.1000+0xce0e7) (BuildId: be547e283a88342c3d030eb6003e2ad85ab9aaf4)
#14 0x7f196fcc1595 in h5tools_dump_data (/home/nathan/github/hdf5/build/bin/libhdf5_tools.so.1000+0xc2595) (BuildId: be547e283a88342c3d030eb6003e2ad85ab9aaf4)
#15 0x5626ec0a3ee5 in dump_dataset (/home/nathan/github/hdf5/build/bin/h5dump+0x106ee5) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
#16 0x5626ec09ce6e in dump_all_cb h5dump_ddl.c
#17 0x7f196e4a3e30 in H5G__iterate_cb H5Gint.c
#18 0x7f196e4b3c43 in H5G__link_iterate_table (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0xde8c43) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#19 0x7f196e45d854 in H5G__compact_iterate (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0xd92854) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#20 0x7f196e4f14e8 in H5G__obj_iterate (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0xe264e8) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#21 0x7f196e4a2b8e in H5G_iterate (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0xdd7b8e) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#22 0x7f196e71422d in H5L_iterate (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x104922d) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#23 0x7f196f4d63f3 in H5VL__native_link_specific (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x1e0b3f3) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#24 0x7f196f43db38 in H5VL__link_specific H5VLcallback.c
#25 0x7f196f43cf45 in H5VL_link_specific (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x1d71f45) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#26 0x7f196e6e4a9c in H5L__iterate_api_common H5L.c
#27 0x7f196e6e384c in H5Literate2 (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x101884c) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#28 0x5626ec09ac7d in link_iteration (/home/nathan/github/hdf5/build/bin/h5dump+0xfdc7d) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
#29 0x5626ec0a1df5 in dump_group (/home/nathan/github/hdf5/build/bin/h5dump+0x104df5) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
#30 0x5626ec0905ce in main (/home/nathan/github/hdf5/build/bin/h5dump+0xf35ce) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
#31 0x7f196d3bad8f (/lib/x86_64-linux-gnu/libc.so.6+0x29d8f) (BuildId: 490fef8403240c91833978d494d39e537409b92e)
#32 0x7f196d3bae3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e3f) (BuildId: 490fef8403240c91833978d494d39e537409b92e)
#33 0x5626ebfd0c44 in _start (/home/nathan/github/hdf5/build/bin/h5dump+0x33c44) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
0x7f196b2fe91b is located 0 bytes to the right of 581915-byte region [0x7f196b270800,0x7f196b2fe91b)
allocated by thread T0 here:
#0 0x5626ec053a8e in __interceptor_malloc (/home/nathan/github/hdf5/build/bin/h5dump+0xb6a8e) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
#1 0x7f196f561828 in H5Z__filter_shuffle H5Zshuffle.c
#2 0x7f196f51af1a in H5Z_pipeline (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x1e4ff1a) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#3 0x7f196df3c79f in H5D__chunk_lock H5Dchunk.c
#4 0x7f196df0c4e5 in H5D__chunk_read H5Dchunk.c
#5 0x7f196e0341cc in H5D__read (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x9691cc) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#6 0x7f196f4b4cbf in H5VL__native_dataset_read (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x1de9cbf) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#7 0x7f196f4010dd in H5VL__dataset_read H5VLcallback.c
#8 0x7f196f40040e in H5VL_dataset_read (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x1d3540e) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#9 0x7f196deb1060 in H5D__read_api_common H5D.c
#10 0x7f196deaf79f in H5Dread (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x7e479f) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#11 0x7f196fccf678 in h5tools_dump_simple_dset h5tools_dump.c
#12 0x7f196fccd0e7 in h5tools_dump_dset (/home/nathan/github/hdf5/build/bin/libhdf5_tools.so.1000+0xce0e7) (BuildId: be547e283a88342c3d030eb6003e2ad85ab9aaf4)
#13 0x7f196fcc1595 in h5tools_dump_data (/home/nathan/github/hdf5/build/bin/libhdf5_tools.so.1000+0xc2595) (BuildId: be547e283a88342c3d030eb6003e2ad85ab9aaf4)
#14 0x5626ec0a3ee5 in dump_dataset (/home/nathan/github/hdf5/build/bin/h5dump+0x106ee5) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
#15 0x5626ec09ce6e in dump_all_cb h5dump_ddl.c
#16 0x7f196e4a3e30 in H5G__iterate_cb H5Gint.c
#17 0x7f196e4b3c43 in H5G__link_iterate_table (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0xde8c43) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#18 0x7f196e45d854 in H5G__compact_iterate (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0xd92854) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#19 0x7f196e4f14e8 in H5G__obj_iterate (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0xe264e8) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#20 0x7f196e4a2b8e in H5G_iterate (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0xdd7b8e) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#21 0x7f196e71422d in H5L_iterate (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x104922d) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#22 0x7f196f4d63f3 in H5VL__native_link_specific (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x1e0b3f3) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#23 0x7f196f43db38 in H5VL__link_specific H5VLcallback.c
#24 0x7f196f43cf45 in H5VL_link_specific (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x1d71f45) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#25 0x7f196e6e4a9c in H5L__iterate_api_common H5L.c
#26 0x7f196e6e384c in H5Literate2 (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x101884c) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#27 0x5626ec09ac7d in link_iteration (/home/nathan/github/hdf5/build/bin/h5dump+0xfdc7d) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
#28 0x5626ec0a1df5 in dump_group (/home/nathan/github/hdf5/build/bin/h5dump+0x104df5) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
#29 0x5626ec0905ce in main (/home/nathan/github/hdf5/build/bin/h5dump+0xf35ce) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
SUMMARY: AddressSanitizer: heap-buffer-overflow (/home/nathan/github/hdf5/build/bin/h5dump+0xb5db6) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828) in __asan_memcpy
Shadow bytes around the buggy address:
0x0fe3ad657cd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0fe3ad657ce0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0fe3ad657cf0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0fe3ad657d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0fe3ad657d10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0fe3ad657d20: 00 00 00[03]fa fa fa fa fa fa fa fa fa fa fa fa
0x0fe3ad657d30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0fe3ad657d40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0fe3ad657d50: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0fe3ad657d60: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0fe3ad657d70: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==7478==ABORTING$ ./h5dump ~/t21.txt
HDF5 "/home/nathan/t21.txt" {
GROUP "/" {
DATASET "test-data" {
DATATYPE H5T_STD_U8LE
DATASPACE SIMPLE { ( 1 ) / ( 1 ) }
=================================================================
==7540==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020000042ed at pc 0x7fbe683eb76e bp 0x7ffe6e602ad0 sp 0x7ffe6e602ac8
READ of size 1 at 0x6020000042ed thread T0
#0 0x7fbe683eb76d in H5Z__filter_fletcher32 H5Zfletcher32.c
#1 0x7fbe683e3f1a in H5Z_pipeline (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x1e4ff1a) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#2 0x7fbe66e0579f in H5D__chunk_lock H5Dchunk.c
#3 0x7fbe66dd54e5 in H5D__chunk_read H5Dchunk.c
#4 0x7fbe66efd1cc in H5D__read (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x9691cc) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#5 0x7fbe6837dcbf in H5VL__native_dataset_read (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x1de9cbf) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#6 0x7fbe682ca0dd in H5VL__dataset_read H5VLcallback.c
#7 0x7fbe682c940e in H5VL_dataset_read (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x1d3540e) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#8 0x7fbe66d7a060 in H5D__read_api_common H5D.c
#9 0x7fbe66d7879f in H5Dread (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x7e479f) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#10 0x7fbe68b98678 in h5tools_dump_simple_dset h5tools_dump.c
#11 0x7fbe68b960e7 in h5tools_dump_dset (/home/nathan/github/hdf5/build/bin/libhdf5_tools.so.1000+0xce0e7) (BuildId: be547e283a88342c3d030eb6003e2ad85ab9aaf4)
#12 0x7fbe68b8a595 in h5tools_dump_data (/home/nathan/github/hdf5/build/bin/libhdf5_tools.so.1000+0xc2595) (BuildId: be547e283a88342c3d030eb6003e2ad85ab9aaf4)
#13 0x55b77836aee5 in dump_dataset (/home/nathan/github/hdf5/build/bin/h5dump+0x106ee5) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
#14 0x55b778363e6e in dump_all_cb h5dump_ddl.c
#15 0x7fbe6736ce30 in H5G__iterate_cb H5Gint.c
#16 0x7fbe6737cc43 in H5G__link_iterate_table (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0xde8c43) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#17 0x7fbe67326854 in H5G__compact_iterate (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0xd92854) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#18 0x7fbe673ba4e8 in H5G__obj_iterate (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0xe264e8) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#19 0x7fbe6736bb8e in H5G_iterate (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0xdd7b8e) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#20 0x7fbe675dd22d in H5L_iterate (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x104922d) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#21 0x7fbe6839f3f3 in H5VL__native_link_specific (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x1e0b3f3) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#22 0x7fbe68306b38 in H5VL__link_specific H5VLcallback.c
#23 0x7fbe68305f45 in H5VL_link_specific (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x1d71f45) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#24 0x7fbe675ada9c in H5L__iterate_api_common H5L.c
#25 0x7fbe675ac84c in H5Literate2 (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x101884c) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#26 0x55b778361c7d in link_iteration (/home/nathan/github/hdf5/build/bin/h5dump+0xfdc7d) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
#27 0x55b778368df5 in dump_group (/home/nathan/github/hdf5/build/bin/h5dump+0x104df5) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
#28 0x55b7783575ce in main (/home/nathan/github/hdf5/build/bin/h5dump+0xf35ce) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
#29 0x7fbe66283d8f (/lib/x86_64-linux-gnu/libc.so.6+0x29d8f) (BuildId: 490fef8403240c91833978d494d39e537409b92e)
#30 0x7fbe66283e3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e3f) (BuildId: 490fef8403240c91833978d494d39e537409b92e)
#31 0x55b778297c44 in _start (/home/nathan/github/hdf5/build/bin/h5dump+0x33c44) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
0x6020000042ed is located 3 bytes to the left of 1-byte region [0x6020000042f0,0x6020000042f1)
allocated by thread T0 here:
#0 0x55b77831aa8e in __interceptor_malloc (/home/nathan/github/hdf5/build/bin/h5dump+0xb6a8e) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
#1 0x7fbe66dedbaf in H5D__chunk_mem_alloc (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x859baf) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#2 0x7fbe66e0515e in H5D__chunk_lock H5Dchunk.c
#3 0x7fbe66dd54e5 in H5D__chunk_read H5Dchunk.c
#4 0x7fbe66efd1cc in H5D__read (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x9691cc) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#5 0x7fbe6837dcbf in H5VL__native_dataset_read (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x1de9cbf) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#6 0x7fbe682ca0dd in H5VL__dataset_read H5VLcallback.c
#7 0x7fbe682c940e in H5VL_dataset_read (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x1d3540e) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#8 0x7fbe66d7a060 in H5D__read_api_common H5D.c
#9 0x7fbe66d7879f in H5Dread (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x7e479f) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#10 0x7fbe68b98678 in h5tools_dump_simple_dset h5tools_dump.c
#11 0x7fbe68b960e7 in h5tools_dump_dset (/home/nathan/github/hdf5/build/bin/libhdf5_tools.so.1000+0xce0e7) (BuildId: be547e283a88342c3d030eb6003e2ad85ab9aaf4)
#12 0x7fbe68b8a595 in h5tools_dump_data (/home/nathan/github/hdf5/build/bin/libhdf5_tools.so.1000+0xc2595) (BuildId: be547e283a88342c3d030eb6003e2ad85ab9aaf4)
#13 0x55b77836aee5 in dump_dataset (/home/nathan/github/hdf5/build/bin/h5dump+0x106ee5) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
#14 0x55b778363e6e in dump_all_cb h5dump_ddl.c
#15 0x7fbe6736ce30 in H5G__iterate_cb H5Gint.c
#16 0x7fbe6737cc43 in H5G__link_iterate_table (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0xde8c43) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#17 0x7fbe67326854 in H5G__compact_iterate (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0xd92854) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#18 0x7fbe673ba4e8 in H5G__obj_iterate (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0xe264e8) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#19 0x7fbe6736bb8e in H5G_iterate (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0xdd7b8e) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#20 0x7fbe675dd22d in H5L_iterate (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x104922d) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#21 0x7fbe6839f3f3 in H5VL__native_link_specific (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x1e0b3f3) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#22 0x7fbe68306b38 in H5VL__link_specific H5VLcallback.c
#23 0x7fbe68305f45 in H5VL_link_specific (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x1d71f45) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#24 0x7fbe675ada9c in H5L__iterate_api_common H5L.c
#25 0x7fbe675ac84c in H5Literate2 (/home/nathan/github/hdf5/build/bin/libhdf5.so.1000+0x101884c) (BuildId: ac1fbe9c7768d27a51f604c3f05be45b319a8ad7)
#26 0x55b778361c7d in link_iteration (/home/nathan/github/hdf5/build/bin/h5dump+0xfdc7d) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
#27 0x55b778368df5 in dump_group (/home/nathan/github/hdf5/build/bin/h5dump+0x104df5) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
#28 0x55b7783575ce in main (/home/nathan/github/hdf5/build/bin/h5dump+0xf35ce) (BuildId: 4ff92347be593c988fdb048fa7435d9c0a78c828)
#29 0x7fbe66283d8f (/lib/x86_64-linux-gnu/libc.so.6+0x29d8f) (BuildId: 490fef8403240c91833978d494d39e537409b92e)
SUMMARY: AddressSanitizer: heap-buffer-overflow H5Zfletcher32.c in H5Z__filter_fletcher32
Shadow bytes around the buggy address:
0x0c047fff8800: fa fa 00 fa fa fa 04 fa fa fa 00 fa fa fa 00 fa
0x0c047fff8810: fa fa 00 fa fa fa fd fa fa fa 00 00 fa fa 00 fa
0x0c047fff8820: fa fa 00 00 fa fa 00 fa fa fa 00 00 fa fa 00 00
0x0c047fff8830: fa fa 00 00 fa fa 00 00 fa fa 00 00 fa fa 00 00
0x0c047fff8840: fa fa 01 fa fa fa 00 00 fa fa 00 00 fa fa 00 00
=>0x0c047fff8850: fa fa 00 00 fa fa 00 00 fa fa 00 00 fa[fa]01 fa
0x0c047fff8860: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff8870: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff8880: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff8890: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff88a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==7540==ABORTINGPlatform (please complete the following information)
- HDF5 version: commit 613af26
- OS and version: Ubuntu 22.04.5 LTS on Windows 10 x86_64
I built hdf5 with
mkdir build && cd build
cmake ../ -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++ -DCMAKE_C_FLAGS="-fsanitize=address" -DCMAKE_CXX_FLAGS="-fsanitize=address"
make -j17Additional context
Originally from JuliaIO/HDF5.jl#1184
Metadata
Metadata
Assignees
Labels
Type
Projects
Status
Backlog