Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 1.8.0
Affects Version/s: None
Component/s: None
Labels:
None

Case:
Confidence Status:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Link:
None
Goal Name(s):
None

When parsing BSON with a codewscope type we subtract 1 from the code string length. If it is 0 we underflow. (bson-iter.c:1410)

if (length) {
   memcpy (&len, iter->raw + iter->d2, sizeof (len));
    *length = BSON_UINT32_FROM_LE (len) - 1;
}

Assignee:: Kevin Albertson
Reporter:: Kevin Albertson
Votes:: 0 Vote for this issue
Watchers:: 4 Start watching this issue

Created:: Sep 07 2017 07:51:48 PM UTC
Updated:: Oct 28 2023 11:30:29 AM UTC
Resolved:: Sep 12 2017 02:37:10 PM UTC
Confidence Status Last Update:: 07/Sep/17 7:52 PM