Skip to content

Fix CVE-2025-2310 #5872

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: develop
Choose a base branch
from
Open

Fix CVE-2025-2310 #5872

wants to merge 2 commits into from

Conversation

mattjala
Copy link
Contributor

@mattjala mattjala commented Sep 24, 2025
edited by ellipsis-dev bot
Loading

Malformed files can have a zero name-length, which when subtracted lead to an overflow and an out-of-bounds read.

Check that name length is not too small in addition to checking for an overflow directly.

Important

Fixes overflow and out-of-bounds read in H5O__attr_decode() by ensuring name_len is greater than 1 in H5Oattr.c.

  • Security Fix:
    • In H5O__attr_decode() in H5Oattr.c, added a check to ensure name_len is greater than 1 to prevent overflow and out-of-bounds read.
    • This prevents processing of malformed files with zero-length names.

This description was created by Ellipsis for a5a0b30. You can customize this summary. It will automatically update as commits are pushed.

@mattjala mattjala added the Component - C Library Core C library issues (usually in the src directory) label Sep 24, 2025
@github-project-automation github-project-automation bot moved this to To be triaged in HDF5 - TRIAGE & TRACK Sep 24, 2025
jhendersonHDF
jhendersonHDF reviewed Sep 24, 2025
View reviewed changes
@mattjala mattjala marked this pull request as draft September 24, 2025 22:11
@nbagha1 nbagha1 added this to the Release 2.0.0 milestone Sep 26, 2025
@mattjala mattjala marked this pull request as ready for review September 26, 2025 23:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jhendersonHDF jhendersonHDF jhendersonHDF left review comments

@lrknox lrknox Awaiting requested review from lrknox lrknox is a code owner

@derobins derobins Awaiting requested review from derobins derobins is a code owner

@byrnHDF byrnHDF Awaiting requested review from byrnHDF byrnHDF is a code owner

@fortnern fortnern Awaiting requested review from fortnern fortnern is a code owner

@qkoziol qkoziol Awaiting requested review from qkoziol qkoziol is a code owner

@vchoi-hdfgroup vchoi-hdfgroup Awaiting requested review from vchoi-hdfgroup vchoi-hdfgroup is a code owner

@bmribler bmribler Awaiting requested review from bmribler bmribler is a code owner

@glennsong09 glennsong09 Awaiting requested review from glennsong09 glennsong09 is a code owner

@brtnfld brtnfld Awaiting requested review from brtnfld brtnfld is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

@bmribler bmribler

Labels
Component - C Library Core C library issues (usually in the src directory)
Projects
HDF5 - TRIAGE & TRACK
Status: To be triaged
Milestone
Release 2.0.0
Development

Successfully merging this pull request may close these issues.
4 participants
@mattjala @jhendersonHDF @bmribler @nbagha1