Gabe Sherman

Results 15 comments of Gabe Sherman

This is the commit: https://github.com/HDFGroup/hdf5/commit/e4fb67c84aa4a4983e2cee4994235600d813a9ee

Here's the valgrind summary using the h5dump utility with the POC file above renamed to poc:

```
$ valgrind ./hdf5_new/build/bin/h5dump poc
==2284717== Memcheck, a memory error detector
==2284717== Copyright (C)...
```

To add a bit more context, here is the harness that discovered this crash ``` #include #include #include #include #include int main(int argc, char *argv[]) { char *fuzzData = argv[1];...

This is the harness that this crash was discovered with: ``` #include #include #include #include #include int main(int argc, char *argv[]) { char *fuzzData = argv[1]; char H5Gcreate1var0[256]; sprintf(H5Gcreate1var0, "yhoom");...

To follow up, this heap-use-after-free occurs for this reason: At this point in the process, the `exprl` variable is set to the value of the result of `fy_expr_stack_peek` called...

We agree that this appears to be an edge case -- however, it is triggering a memory corruption error, which are typically exploitable security vulnerabilities. Several prior memory corruptions have...

Yes, I see where you're coming from, but this exception may not be descriptive to the user as to why it's failing. I see that in the function `is_literal_or_name`, the...

Hey Tomas! Thanks for the response. I don't have a deep understanding of the way the PO files should be processed so a full PR may be challenging, but if...

Sounds good, thanks! Should the process exit when this is detected or should we only raise the warning and leave the exception raising up to the value of `self.abort_invalid`?

Is the invariant here that if the messages list has an element in it, the translations list should also be populated? Adding in this check at the beginning of `_finish_current_message`...