primary pointer is allocated here:
MONGO_EXPORT void mongo_replset_init( mongo *conn, const char *name ) {
    mongo_init( conn );
    conn->replset = bson_malloc( sizeof( mongo_replset ) );
    conn->replset->primary_connected = 0;
    conn->replset->seeds = NULL;
    conn->replset->hosts = NULL;
    conn->replset->name = ( char * )bson_malloc( strlen( name ) + 1 );
    memcpy( conn->replset->name, name, strlen( name ) + 1 );
    conn->primary = bson_malloc( sizeof( mongo_host_port ) );
}
As you can see, the structure is not initialized in any shape or form.
If a call to mongo_get_primary is performed right after this, a fatal memory overrun occurs at the driver level, and the only remedy is shutting down the application that uses the driver and starting it again.
I solved the problem by adding the following code after the malloc of primary:
/* JSB */
conn->primary->host[0] = '\0';
conn->primary->next = NULL;
And changing the following function to be aware of a NULL value in the first char of the host array.
MONGO_EXPORT const char* mongo_get_primary(mongo* conn) {
    mongo* conn_ = (mongo*)conn;
    /* JSB */
    if (conn_->primary->host[0])
        return get_host_port(conn->primary);
    else
        return NULL;
}
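The pattern behind the fix above, as an added, self-contained example rather than the driver's own code: the primary slot is allocated already zeroed (calloc instead of malloc followed by explicit stores), the getter returns NULL until a primary has been recorded, and the host copy is bounded by the array size. The struct names, the HOST_MAX size and the sample host name are assumptions made for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed, simplified stand-ins for the driver's mongo_host_port and
 * mongo structs; field names follow the report, the size is an assumption. */
#define HOST_MAX 255

typedef struct host_port {
    char host[HOST_MAX + 1];
    int port;
    struct host_port *next;
} host_port;

typedef struct {
    host_port *primary;
} conn_t;

/* Initialise the connection: allocate primary with calloc so host[0] is '\0'
 * and next is NULL before any getter can run. Returns -1 on allocation failure. */
int conn_init(conn_t *c) {
    c->primary = calloc(1, sizeof *c->primary);
    return c->primary ? 0 : -1;
}

void conn_free(conn_t *c) {
    free(c->primary);
    c->primary = NULL;
}

/* Record the primary after a successful connect. The copy is bounded by the
 * array size, so an oversized host name is rejected rather than overrunning. */
int conn_set_primary(conn_t *c, const char *host, int port) {
    size_t n = strlen(host);
    if (c->primary == NULL || n > HOST_MAX)
        return -1;
    memcpy(c->primary->host, host, n + 1);
    c->primary->port = port;
    return 0;
}

/* Guarded getter, as in the report: NULL until a primary has been recorded.
 * On success writes "host:port" into buf and returns buf. */
const char *conn_get_primary(const conn_t *c, char *buf, size_t buflen) {
    if (c->primary == NULL || c->primary->host[0] == '\0')
        return NULL;
    int n = snprintf(buf, buflen, "%s:%d", c->primary->host, c->primary->port);
    if (n < 0 || (size_t)n >= buflen)
        return NULL;  /* would be truncated: report unavailable, not a partial string */
    return buf;
}

int main(void) {
    conn_t c;
    char buf[HOST_MAX + 16];
    if (conn_init(&c) != 0)
        return 1;
    /* Before any connect: formerly an overrun, now a clean NULL. */
    printf("primary before connect: %s\n",
           conn_get_primary(&c, buf, sizeof buf) ? buf : "(none)");
    conn_set_primary(&c, "db1.example.test", 27017);  /* constructed sample host */
    printf("primary after connect:  %s\n", conn_get_primary(&c, buf, sizeof buf));
    conn_free(&c);
    return 0;
}
```

The guard on host[0] is the same check the report adds to mongo_get_primary; calloc just guarantees that the byte it tests is defined on every path, including the one where the caller never connects.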
Issue links: duplicates CDRIVER-147 "When calling API mongo_get_primary if mongo->primary has not been initalized results on memory overun" (Closed)