From 67888ac3c02bee1d74fc0b0577c1d5e47f6d68f8 Mon Sep 17 00:00:00 2001 From: Dana Robinson <43805+derobins@users.noreply.github.com> Date: Sun, 24 Mar 2024 20:07:01 -0700 Subject: [PATCH] Fixed a cache assert with too-large metadata objects (#4231) If the library tries to load a metadata object that is above the library's hard-coded limits, the size will trip an assert in debug builds. In HDF5 1.14.4, this can happen if you create a very large number of links in an old-style group that uses local heaps. The library will now emit a normal error when it tries to load a metadata object that is too large. Partially addresses GitHub #3762 --- release_docs/RELEASE.txt | 12 ++++++++++++ src/H5Centry.c | 15 +++++++++++---- 2 files changed, 23 insertions(+), 4 deletions(-) diff --git a/release_docs/RELEASE.txt b/release_docs/RELEASE.txt index 6965be0cb28..ef3f1af4912 100644 --- a/release_docs/RELEASE.txt +++ b/release_docs/RELEASE.txt @@ -461,6 +461,18 @@ Bug Fixes since HDF5-1.14.3 release Library ------- + - Fixed a cache assert with too-large metadata objects + + If the library tries to load a metadata object that is above the + library's hard-coded limits, the size will trip an assert in debug + builds. In HDF5 1.14.4, this can happen if you create a very large + number of links in an old-style group that uses local heaps. + + The library will now emit a normal error when it tries to load a + metadata object that is too large. + + Partially addresses GitHub #3762 + - Fixed an issue with the Subfiling VFD and multiple opens of a file diff --git a/src/H5Centry.c b/src/H5Centry.c index c6892e90e3c..a799c4bb97d 100644 --- a/src/H5Centry.c +++ b/src/H5Centry.c 
@@ -1216,10 +1216,9 @@ H5C__load_entry(H5F_t *f,
 assert((dirty == false) || (type->id == 5 || type->id == 6));
- entry->cache_ptr = f->shared->cache;
- entry->addr = addr;
- entry->size = len;
- assert(entry->size < H5C_MAX_ENTRY_SIZE);
+ entry->cache_ptr = f->shared->cache;
+ entry->addr = addr;
+ entry->size = len;
 entry->image_ptr = image;
 entry->image_up_to_date = !dirty;
 entry->type = type;
@@ -1289,6 +1288,14 @@ H5C__load_entry(H5F_t *f,
 H5C__RESET_CACHE_ENTRY_STATS(entry);
+ /* This is a temporary fix for a problem identified in GitHub #3762, where
+ * it looks like a local heap entry can grow to a size that is larger
+ * than the metadata cache will allow. This doesn't fix the underlying
+ * problem, but it at least prevents the library from crashing.
+ */
+ if (entry->size >= H5C_MAX_ENTRY_SIZE)
+ HGOTO_ERROR(H5E_CACHE, H5E_BADVALUE, NULL, "cache entry size is too large");
+
 ret_value = thing;
 done:
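Review bot: The bound added in the second hunk is tested only after the entry has been fully built. The first hunk shows `entry->size = len` and `entry->image_ptr = image` assigned roughly seventy lines earlier, so an oversized length (presumably derived from file contents) has already sized the image buffer before it is rejected. Because files are untrusted input, the limit is better checked on `len` as soon as it is final, ideally before the image is allocated and read (that code is outside both hunks), e.g. `if (len >= H5C_MAX_ENTRY_SIZE) HGOTO_ERROR(H5E_CACHE, H5E_BADVALUE, NULL, "cache entry size is too large");` ahead of `entry->size = len;`. The new error path also relies on the cleanup after `done:`, which is not visible here, to release both `thing` and `image` exactly once; that is worth confirming. A regression test that loads an oversized local heap should run in a non-debug build too, since the removed `assert` was compiled out there and such builds had no bound at all.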