Date: Saturday, June 17, 2017 @ 13:39:09 Author: archange Revision: 237876
Fix several CVEs, add Fortran bindings The following CVE are fixed in this release: CVE-2016-4330: HDF5 bug HDFFV-9992 (TALOS-2016-176) CVE-2016-4331: HDF5 bug HDFFV-9951 (TALOS-2016-177) CVE-2016-4332: HDF5 bug HDFFV-9950 (TALOS-2016-178) CVE-2016-4333: HDF5 bug HDFFV-9993 (TALOS-2016-179) Fortran bindings are added (no incompatibilities at all). Some cleaning Added: hdf5-openmpi/trunk/hdf51.10-CVE2016.patch Modified: hdf5-openmpi/trunk/PKGBUILD ------------------------+ PKGBUILD | 96 ++++++++-------- hdf51.10-CVE2016.patch | 280 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 331 insertions(+), 45 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2017-06-17 13:11:21 UTC (rev 237875) +++ PKGBUILD 2017-06-17 13:39:09 UTC (rev 237876) @@ -1,5 +1,6 @@ # $Id$ # Maintainer: Ronald van Haren <ronald.archlinux.org> +# Maintainer: Bruno Pagani (a.k.a. ArchangeGabriel) <[email protected]> # Contributor: Stefan Husmann <[email protected]> # Contributor: damir <[email protected]> # Contributor: Tom K <[email protected]> 
@@ -6,62 +7,67 @@ # Contributor: Jed Brown <[email protected]> # Contributor: Simone Pezzuto <[email protected]> -pkgname=hdf5-openmpi _pkgname=hdf5 -pkgver=1.10.0_patch1 -_pkgver=1.10.0-patch1 -pkgrel=2 +_mpi=openmpi +pkgname=${_pkgname}-${_mpi} +_patch=patch1 +pkgver=1.10.0_${_patch} +pkgrel=3 +pkgdesc="General purpose library and file format for storing scientific data (${_mpi} version)" arch=('i686' 'x86_64') -pkgdesc="General purpose library and file format for storing scientific data (OpenMPI version)" -url="http://www.hdfgroup.org/HDF5/" +url="https://www.hdfgroup.org/HDF5/" license=('custom') -depends=('zlib' 'sh' 'openmpi') -makedepends=('time') -provides=('hdf5') +depends=('zlib' 'bash' 'openmpi') +makedepends=('time' 'gcc-fortran') +provides=('hdf5' 'hdf5-cpp-fortran' "hdf5-fortran-${_mpi}") conflicts=('hdf5') -source=(ftp://ftp.hdfgroup.org/HDF5/releases/${_pkgname}-1.10/${_pkgname}-${_pkgver}/src/${_pkgname}-${_pkgver}.tar.bz2 - mpi.patch) -sha1sums=('2f34251186fa9e59887d8f094bc0bc90187d0aa4' - '658d4a3e537c9c76da3200effa8f95b656a21936') +replaces=("hdf5-fortran-${_mpi}") +source=("https://support.hdfgroup.org/ftp/HDF5/releases/${_pkgname}-${pkgver:0:4}/${_pkgname}-${pkgver/_/-}/src/${_pkgname}-${pkgver/_/-}.tar.bz2" + 'mpi.patch' + 'hdf51.10-CVE2016.patch') +md5sums=('f6d980febe2c35c11670a9b34fa3b487' + 'dfa8dd50b8a7ebb3ad7249c627156cf9' + 'ebc0db3fe6d55dc39f63143ebb6327d4') -build() { - cd "$srcdir/${_pkgname}-${pkgver/_/-}" +prepare() { + cd ${_pkgname}-${pkgver/_/-} - # FS#33343 - patch -Np1 -i "${srcdir}/mpi.patch" + patch -p0 -i ../hdf51.10-CVE2016.patch + # FS#33343 + patch -p1 -i ../mpi.patch +} - ./configure \ - CXX="mpicxx" \ - CC="mpicc" \ - FC="mpif90" \ - F9X="mpif90" \ - RUNPARALLEL="mpirun" \ - OMPI_MCA_disable_memory_allocator=1 \ - --prefix=/usr \ - --with-pthread=/usr/lib/ \ - --enable-linux-lfs \ - --enable-unsupported \ - --enable-shared \ - --disable-static \ - --enable-build-mode=production \ - --with-zlib \ - 
--enable-parallel=yes \ - --enable-cxx \ - --disable-sharedlib-rpath - - make +build() { + cd ${_pkgname}-${pkgver/_/-} + ./configure \ + CXX="mpicxx" \ + CC="mpicc" \ + FC="mpif90" \ + F9X="mpif90" \ + RUNPARALLEL="mpirun" \ + OMPI_MCA_disable_memory_allocator=1 \ + --prefix=/usr \ + --disable-static \ + --enable-hl \ + --enable-build-mode=production \ + --with-pic \ + --docdir=/usr/share/doc/hdf5/ \ + --disable-sharedlib-rpath \ + --enable-cxx \ + --enable-fortran \ + --enable-parallel \ + --enable-unsupported \ + --with-zlib + make } package() { - cd "$srcdir/${_pkgname}-${pkgver/_/-}" + cd ${_pkgname}-${pkgver/_/-} - make -j1 DESTDIR="${pkgdir}" install + make -j1 DESTDIR="${pkgdir}" install - install -d -m755 "$pkgdir/usr/share/$_pkgname" - mv "$pkgdir"/usr/share/{hdf5_examples,$_pkgname/examples} + install -dm755 "${pkgdir}"/usr/share/${_pkgname} + mv "${pkgdir}"/usr/share/{hdf5_examples,${_pkgname}/examples} - install -d -m755 "$pkgdir/usr/share/licenses/${pkgname}" - install -m644 "$srcdir/${_pkgname}-${pkgver/_/-}/COPYING" \ - "$pkgdir/usr/share/licenses/${pkgname}/LICENSE" + install -Dm644 COPYING "${pkgdir}"/usr/share/licenses/${_pkgname}/LICENSE } - Added: hdf51.10-CVE2016.patch =================================================================== --- hdf51.10-CVE2016.patch (rev 0) +++ hdf51.10-CVE2016.patch 2017-06-17 13:39:09 UTC (rev 237876) 
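Review bot: The checksum array is switched from `sha1sums` to `md5sums` for the tarball and both local patches, which weakens source verification in the same commit that adds a patch meant to close CVEs; makepkg accepts `sha256sums` (or `sha512sums`), so the array should move to a stronger digest rather than a weaker one, e.g. `sha256sums=('<sha256 of tarball>' '<sha256 of mpi.patch>' '<sha256 of hdf51.10-CVE2016.patch>')` with the values computed from the files actually shipped. The source URL now using https helps transport, but the checksum is what pins the artifact for later rebuilds. Separately, `package()` now installs the license to `usr/share/licenses/${_pkgname}/LICENSE` where the previous revision used `${pkgname}`; since this package is `hdf5-openmpi`, the license directory should stay under `"${pkgdir}"/usr/share/licenses/${pkgname}/LICENSE` per the usual convention.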
@@ -0,0 +1,280 @@ +diff --git src/H5Ocache.c src/H5Ocache.c +index 831b08a..eab0fd2 100644 +--- src/H5Ocache.c ++++ src/H5Ocache.c +@@ -1433,6 +1433,10 @@ H5O__chunk_deserialize(H5O_t *oh, haddr_t addr, size_t len, const uint8_t *image + HGOTO_ERROR(H5E_OHDR, H5E_CANTLOAD, FAIL, "bad flag combination for message") + if((flags & H5O_MSG_FLAG_WAS_UNKNOWN) && !(flags & H5O_MSG_FLAG_MARK_IF_UNKNOWN)) + HGOTO_ERROR(H5E_OHDR, H5E_CANTLOAD, FAIL, "bad flag combination for message") ++ if((flags & H5O_MSG_FLAG_SHAREABLE) ++ && H5O_msg_class_g[id] ++ && !(H5O_msg_class_g[id]->share_flags & H5O_SHARE_IS_SHARABLE)) ++ HGOTO_ERROR(H5E_OHDR, H5E_CANTLOAD, FAIL, "message of unsharable class flagged as sharable") + + /* Reserved bytes/creation index */ + if(oh->version == H5O_VERSION_1) +diff --git src/H5Odtype.c src/H5Odtype.c +index e51d319..799f475 100644 +--- src/H5Odtype.c ++++ src/H5Odtype.c +@@ -311,7 +311,11 @@ H5O_dtype_decode_helper(H5F_t *f, unsigned *ioflags/*in,out*/, const uint8_t **p + if(version == H5O_DTYPE_VERSION_1) { + /* Decode the number of dimensions */ + ndims = *(*pp)++; +- HDassert(ndims <= 4); ++ ++ /* Check that ndims is valid */ ++ if(ndims > 4) ++ HGOTO_ERROR(H5E_DATATYPE, H5E_BADTYPE, FAIL, "invalid number of dimensions for array") ++ + *pp += 3; /*reserved bytes */ + + /* Skip dimension permutation */ +@@ -519,7 +523,8 @@ H5O_dtype_decode_helper(H5F_t *f, unsigned *ioflags/*in,out*/, const uint8_t **p + dt->shared->u.array.ndims = *(*pp)++; + + /* Double-check the number of dimensions */ +- HDassert(dt->shared->u.array.ndims <= H5S_MAX_RANK); ++ if(dt->shared->u.array.ndims > H5S_MAX_RANK) ++ HGOTO_ERROR(H5E_DATATYPE, H5E_CANTLOAD, FAIL, "too many dimensions for array datatype") + + /* Skip reserved bytes, if version has them */ + if(version < H5O_DTYPE_VERSION_3) +diff --git src/H5Opkg.h src/H5Opkg.h +index 7473397..0fefa21 100644 +--- src/H5Opkg.h ++++ src/H5Opkg.h +@@ -212,6 +212,7 @@ + \ + /* Set the message's "shared info", if it's shareable 
*/ \ + if((MSG)->flags & H5O_MSG_FLAG_SHAREABLE) { \ ++ HDassert(msg_type->share_flags & H5O_SHARE_IS_SHARABLE); \ + H5O_UPDATE_SHARED((H5O_shared_t *)(MSG)->native, H5O_SHARE_TYPE_HERE, (F), msg_type->id, (MSG)->crt_idx, (OH)->chunk[0].addr) \ + } /* end if */ \ + \ +diff --git src/H5Znbit.c src/H5Znbit.c +index e2fb300..ca9f52a 100644 +--- src/H5Znbit.c ++++ src/H5Znbit.c +@@ -60,11 +60,11 @@ static void H5Z_nbit_decompress_one_nooptype(unsigned char *data, size_t data_of + unsigned char *buffer, size_t *j, int *buf_len, unsigned size); + static void H5Z_nbit_decompress_one_atomic(unsigned char *data, size_t data_offset, + unsigned char *buffer, size_t *j, int *buf_len, parms_atomic p); +-static void H5Z_nbit_decompress_one_array(unsigned char *data, size_t data_offset, ++static herr_t H5Z__nbit_decompress_one_array(unsigned char *data, size_t data_offset, + unsigned char *buffer, size_t *j, int *buf_len, const unsigned parms[]); +-static void H5Z_nbit_decompress_one_compound(unsigned char *data, size_t data_offset, ++static herr_t H5Z__nbit_decompress_one_compound(unsigned char *data, size_t data_offset, + unsigned char *buffer, size_t *j, int *buf_len, const unsigned parms[]); +-static void H5Z_nbit_decompress(unsigned char *data, unsigned d_nelmts, unsigned char *buffer, ++static herr_t H5Z__nbit_decompress(unsigned char *data, unsigned d_nelmts, unsigned char *buffer, + const unsigned parms[]); + static void H5Z_nbit_compress_one_nooptype(unsigned char *data, size_t data_offset, + unsigned char *buffer, size_t *j, int *buf_len, unsigned size); +@@ -990,7 +990,8 @@ H5Z_filter_nbit(unsigned flags, size_t cd_nelmts, const unsigned cd_values[], + HGOTO_ERROR(H5E_RESOURCE, H5E_NOSPACE, 0, "memory allocation failed for nbit decompression") + + /* decompress the buffer */ +- H5Z_nbit_decompress(outbuf, d_nelmts, (unsigned char *)*buf, cd_values); ++ if(H5Z__nbit_decompress(outbuf, d_nelmts, (unsigned char *)*buf, cd_values) < 0) ++ HGOTO_ERROR(H5E_PLINE, 
H5E_CANTFILTER, 0, "can't decompress buffer") + } /* end if */ + /* output; compress */ + else { +@@ -1139,12 +1140,15 @@ H5Z_nbit_decompress_one_atomic(unsigned char *data, size_t data_offset, + } + } + +-static void +-H5Z_nbit_decompress_one_array(unsigned char *data, size_t data_offset, ++static herr_t ++H5Z__nbit_decompress_one_array(unsigned char *data, size_t data_offset, + unsigned char *buffer, size_t *j, int *buf_len, const unsigned parms[]) + { + unsigned i, total_size, base_class, base_size, n, begin_index; + parms_atomic p; ++ herr_t ret_value = SUCCEED; /* Return value */ ++ ++ FUNC_ENTER_STATIC + + total_size = parms[parms_index++]; + base_class = parms[parms_index++]; +@@ -1155,7 +1159,12 @@ H5Z_nbit_decompress_one_array(unsigned char *data, size_t data_offset, + p.order = parms[parms_index++]; + p.precision = parms[parms_index++]; + p.offset = parms[parms_index++]; +- n = total_size/p.size; ++ ++ /* Check values of precision and offset */ ++ if(p.precision > p.size * 8 || (p.precision + p.offset) > p.size * 8) ++ HGOTO_ERROR(H5E_PLINE, H5E_BADTYPE, FAIL, "invalid datatype precision/offset") ++ ++ n = total_size / p.size; + for(i = 0; i < n; i++) + H5Z_nbit_decompress_one_atomic(data, data_offset + i*p.size, + buffer, j, buf_len, p); +@@ -1165,8 +1174,9 @@ H5Z_nbit_decompress_one_array(unsigned char *data, size_t data_offset, + n = total_size/base_size; /* number of base_type elements inside the array datatype */ + begin_index = parms_index; + for(i = 0; i < n; i++) { +- H5Z_nbit_decompress_one_array(data, data_offset + i*base_size, +- buffer, j, buf_len, parms); ++ if(H5Z__nbit_decompress_one_array(data, data_offset + i * base_size, ++ buffer, j, buf_len, parms) < 0) ++ HGOTO_ERROR(H5E_PLINE, H5E_CANTFILTER, FAIL, "can't decompress array") + parms_index = begin_index; + } + break; +@@ -1175,8 +1185,9 @@ H5Z_nbit_decompress_one_array(unsigned char *data, size_t data_offset, + n = total_size/base_size; /* number of base_type elements inside the array 
datatype */ + begin_index = parms_index; + for(i = 0; i < n; i++) { +- H5Z_nbit_decompress_one_compound(data, data_offset + i*base_size, +- buffer, j, buf_len, parms); ++ if(H5Z__nbit_decompress_one_compound(data, data_offset + i * base_size, ++ buffer, j, buf_len, parms) < 0) ++ HGOTO_ERROR(H5E_PLINE, H5E_CANTFILTER, FAIL, "can't decompress compound") + parms_index = begin_index; + } + break; +@@ -1187,51 +1198,76 @@ H5Z_nbit_decompress_one_array(unsigned char *data, size_t data_offset, + default: + HDassert(0 && "This Should never be executed!"); + } /* end switch */ ++ ++done: ++ FUNC_LEAVE_NOAPI(ret_value) + } + +-static void +-H5Z_nbit_decompress_one_compound(unsigned char *data, size_t data_offset, ++static herr_t ++H5Z__nbit_decompress_one_compound(unsigned char *data, size_t data_offset, + unsigned char *buffer, size_t *j, int *buf_len, const unsigned parms[]) + { +- unsigned i, nmembers, member_offset, member_class, size; ++ unsigned i, nmembers, member_offset, member_class, member_size, used_size = 0, size; + parms_atomic p; ++ herr_t ret_value = SUCCEED; /* Return value */ + +- parms_index++; /* skip total size of compound datatype */ ++ FUNC_ENTER_STATIC ++ ++ size = parms[parms_index++]; + nmembers = parms[parms_index++]; + + for(i = 0; i < nmembers; i++) { + member_offset = parms[parms_index++]; + member_class = parms[parms_index++]; ++ ++ /* Check for overflow */ ++ member_size = parms[parms_index]; ++ used_size += member_size; ++ if(used_size > size) ++ HGOTO_ERROR(H5E_PLINE, H5E_BADTYPE, FAIL, "compound member offset overflowed compound size") + switch(member_class) { + case H5Z_NBIT_ATOMIC: +- p.size = parms[parms_index++]; ++ p.size = member_size; ++ /* Advance past member size */ ++ parms_index++; + p.order = parms[parms_index++]; + p.precision = parms[parms_index++]; + p.offset = parms[parms_index++]; ++ ++ /* Check values of precision and offset */ ++ if(p.precision > p.size * 8 || (p.precision + p.offset) > p.size * 8) ++ 
HGOTO_ERROR(H5E_PLINE, H5E_BADTYPE, FAIL, "invalid datatype precision/offset") ++ + H5Z_nbit_decompress_one_atomic(data, data_offset + member_offset, + buffer, j, buf_len, p); + break; + case H5Z_NBIT_ARRAY: +- H5Z_nbit_decompress_one_array(data, data_offset + member_offset, +- buffer, j, buf_len, parms); ++ if(H5Z__nbit_decompress_one_array(data, data_offset + member_offset, ++ buffer, j, buf_len, parms) < 0) ++ HGOTO_ERROR(H5E_PLINE, H5E_CANTFILTER, FAIL, "can't decompress array") + break; + case H5Z_NBIT_COMPOUND: +- H5Z_nbit_decompress_one_compound(data, data_offset+member_offset, +- buffer, j, buf_len, parms); ++ if(H5Z__nbit_decompress_one_compound(data, data_offset+member_offset, ++ buffer, j, buf_len, parms) < 0) ++ HGOTO_ERROR(H5E_PLINE, H5E_CANTFILTER, FAIL, "can't decompress compound") + break; + case H5Z_NBIT_NOOPTYPE: +- size = parms[parms_index++]; ++ /* Advance past member size */ ++ parms_index++; + H5Z_nbit_decompress_one_nooptype(data, data_offset+member_offset, +- buffer, j, buf_len, size); ++ buffer, j, buf_len, member_size); + break; + default: + HDassert(0 && "This Should never be executed!"); + } /* end switch */ + } ++ ++done: ++ FUNC_LEAVE_NOAPI(ret_value) + } + +-static void +-H5Z_nbit_decompress(unsigned char *data, unsigned d_nelmts, unsigned char *buffer, ++static herr_t ++H5Z__nbit_decompress(unsigned char *data, unsigned d_nelmts, unsigned char *buffer, + const unsigned parms[]) + { + /* i: index of data, j: index of buffer, +@@ -1239,6 +1275,9 @@ H5Z_nbit_decompress(unsigned char *data, unsigned d_nelmts, unsigned char *buffe + size_t i, j, size; + int buf_len; + parms_atomic p; ++ herr_t ret_value = SUCCEED; /* Return value */ ++ ++ FUNC_ENTER_STATIC + + /* may not have to initialize to zeros */ + for(i = 0; i < d_nelmts*parms[4]; i++) data[i] = 0; +@@ -1254,6 +1293,11 @@ H5Z_nbit_decompress(unsigned char *data, unsigned d_nelmts, unsigned char *buffe + p.order = parms[5]; + p.precision = parms[6]; + p.offset = parms[7]; ++ ++ /* 
Check values of precision and offset */ ++ if(p.precision > p.size * 8 || (p.precision + p.offset) > p.size * 8) ++ HGOTO_ERROR(H5E_PLINE, H5E_BADTYPE, FAIL, "invalid datatype precision/offset") ++ + for(i = 0; i < d_nelmts; i++) { + H5Z_nbit_decompress_one_atomic(data, i*p.size, buffer, &j, &buf_len, p); + } +@@ -1262,7 +1306,8 @@ H5Z_nbit_decompress(unsigned char *data, unsigned d_nelmts, unsigned char *buffe + size = parms[4]; + parms_index = 4; + for(i = 0; i < d_nelmts; i++) { +- H5Z_nbit_decompress_one_array(data, i*size, buffer, &j, &buf_len, parms); ++ if(H5Z__nbit_decompress_one_array(data, i*size, buffer, &j, &buf_len, parms) < 0) ++ HGOTO_ERROR(H5E_PLINE, H5E_CANTFILTER, FAIL, "can't decompress array") + parms_index = 4; + } + break; +@@ -1270,13 +1315,17 @@ H5Z_nbit_decompress(unsigned char *data, unsigned d_nelmts, unsigned char *buffe + size = parms[4]; + parms_index = 4; + for(i = 0; i < d_nelmts; i++) { +- H5Z_nbit_decompress_one_compound(data, i*size, buffer, &j, &buf_len, parms); ++ if(H5Z__nbit_decompress_one_compound(data, i*size, buffer, &j, &buf_len, parms) < 0) ++ HGOTO_ERROR(H5E_PLINE, H5E_CANTFILTER, FAIL, "can't decompress compound") + parms_index = 4; + } + break; + default: + HDassert(0 && "This Should never be executed!"); + } /* end switch */ ++ ++done: ++ FUNC_LEAVE_NOAPI(ret_value) + } + + static void H5Z_nbit_compress_one_byte(unsigned char *data, size_t data_offset, int k, int begin_i,
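Review bot: The new bound in `H5Z__nbit_decompress_one_compound` compares only the running total of member sizes (`used_size`) against the compound `size`, but `member_offset`, read from `parms` on the preceding line and then used as the write position in `data_offset + member_offset`, is never checked against `size`, even though the error text says "member offset overflowed compound size". A member whose sizes sum correctly but whose offset lies past the compound appears to still be written into `data` beyond the element; the check could be extended with `if(member_offset > size || member_size > size - member_offset)` next to the existing one. The precision/offset check `p.precision > p.size * 8 || (p.precision + p.offset) > p.size * 8`, repeated in the array, compound and top-level decompress routines, uses a sum that can wrap if those fields are unsigned like `parms[]`, so an overflow-safe form such as `if(p.offset > p.size * 8 || p.precision > p.size * 8 - p.offset)` would be more robust; `parms` is the `cd_values` array that `H5Z_filter_nbit` passes through, i.e. data stored in the file rather than produced by trusted code. The affected functions are complete within this hunk, but since the hunk is a patch file applied at build time, the refinement belongs in the patch (or upstream), not in the PKGBUILD.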
