Open MageWeiG opened 1 week ago
Which version of the library is this, how are you configuring and building the library, and how are you exercising the code? I don't see this problem via valgrind w/ gcc 13.2.0 when I run the file through the HDF5 command-line tools.
This vulnerability was discovered while testing h5_extended_fuzzer using oss-fuzz. According to the Dockerfile (https://github.com/google/oss-fuzz/blob/master/projects/hdf5/Dockerfile), it uses the latest code. Because the compiler is not found in the build.sh (https://github.com/google/oss-fuzz/blob/master/projects/hdf5/build.sh) file, I went into the Docker environment to check; the default compilation environment is 'CXX=clang++', 'CC=clang'. The harness file used is located at https://github.com/google/oss-fuzz/blob/master/projects/hdf5/h5_extended_fuzzer.c . I just replicated it using the fuzzer and found that it triggers. Do you need any more information?
While testing h5_extended_fuzzer with libFuzzer, I found a memory leak.
The reason for this vulnerability is: there is a direct leak that occurs when object creation is handled in the HDF5 library. The H5O_create_ohdr function attempts to allocate memory via H5FL_reg_calloc (which is based on H5FL_reg_malloc), but the memory is not freed before the end of the program. In addition, the three functions H5Ochunk_deserialize, H5O__chunk_deserialize, and H5Oalloc_msgs have the same leak problem.
The crash information is as follows:
The vulnerability trigger sample is attached: leak-f09dd087c9ceb2002b004890a9ef5d1e6532fcc0.zip