Skip to content

Commit 64568ea

Browse files
oss-patchoss-patch
authored
Merge pull request #10 from aled-ua/aled-ua-patch-test
add an extra size paramete in H5C__decode_cache_image_header()
2 parents 2d5377d + 7e54602 commit 64568ea

File tree

1 file changed

+6
-5
lines changed

1 file changed

+6
-5
lines changed

src/H5Cimage.c

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -116,7 +116,8 @@
116116
/* Helper routines */
117117
static size_t H5C__cache_image_block_entry_header_size(const H5F_t *f);
118118
static size_t H5C__cache_image_block_header_size(const H5F_t *f);
119-
static herr_t H5C__decode_cache_image_header(const H5F_t *f, H5C_t *cache_ptr, const uint8_t **buf);
119+
static herr_t H5C__decode_cache_image_header(const H5F_t *f, H5C_t *cache_ptr, const uint8_t **buf,
120+
size_t buf_size);
120121
#ifndef NDEBUG /* only used in assertions */
121122
static herr_t H5C__decode_cache_image_entry(const H5F_t *f, const H5C_t *cache_ptr, const uint8_t **buf,
122123
unsigned entry_num);
@@ -297,7 +298,7 @@ H5C__construct_cache_image_buffer(H5F_t *f, H5C_t *cache_ptr)
297298
/* needed for sanity checks */
298299
fake_cache_ptr->image_len = cache_ptr->image_len;
299300
q = (const uint8_t *)cache_ptr->image_buffer;
300-
status = H5C__decode_cache_image_header(f, fake_cache_ptr, &q);
301+
status = H5C__decode_cache_image_header(f, fake_cache_ptr, &q, cache_ptr->image_len + 1);
301302
assert(status >= 0);
302303

303304
assert(NULL != p);
@@ -1267,7 +1268,7 @@ H5C__cache_image_block_header_size(const H5F_t *f)
12671268
*-------------------------------------------------------------------------
12681269
*/
12691270
static herr_t
1270-
H5C__decode_cache_image_header(const H5F_t *f, H5C_t *cache_ptr, const uint8_t **buf)
1271+
H5C__decode_cache_image_header(const H5F_t *f, H5C_t *cache_ptr, const uint8_t **buf, size_t buf_size)
12711272
{
12721273
uint8_t version;
12731274
uint8_t flags;
@@ -1288,7 +1289,7 @@ H5C__decode_cache_image_header(const H5F_t *f, H5C_t *cache_ptr, const uint8_t *
12881289
p = *buf;
12891290

12901291
/* Ensure buffer has enough data for signature comparison */
1291-
if (H5_IS_BUFFER_OVERFLOW(p, H5C__MDCI_BLOCK_SIGNATURE_LEN, *buf + cache_ptr->image_len))
1292+
if (H5_IS_BUFFER_OVERFLOW(p, H5C__MDCI_BLOCK_SIGNATURE_LEN, *buf + buf_size))
12921293
HGOTO_ERROR(H5E_CACHE, H5E_OVERFLOW, FAIL, "Insufficient buffer size for signature");
12931294

12941295
/* Check signature */
@@ -2390,7 +2391,7 @@ H5C__reconstruct_cache_contents(H5F_t *f, H5C_t *cache_ptr)
23902391

23912392
/* Decode metadata cache image header */
23922393
p = (uint8_t *)cache_ptr->image_buffer;
2393-
if (H5C__decode_cache_image_header(f, cache_ptr, &p) < 0)
2394+
if (H5C__decode_cache_image_header(f, cache_ptr, &p, cache_ptr->image_len + 1) < 0)
23942395
HGOTO_ERROR(H5E_CACHE, H5E_CANTDECODE, FAIL, "cache image header decode failed");
23952396
assert((size_t)(p - (uint8_t *)cache_ptr->image_buffer) < cache_ptr->image_len);
23962397

0 commit comments

Comments
 (0)