Use-after-free after popping a session from a client that has been reset


    • Type: Bug
    • Resolution: Fixed
    • Priority: Major - P3
    • 1.16.0
    • Affects Version/s: 1.15.3
    • Component/s: None

      Situation:

      • mongoc_client_reset is called on a mongoc_client_t
      • an operation is performed on the client that requires popping a session from the session pool. This would be most operations against a 3.6+ server.

      Since _mongoc_topology_clear_session_pool does not NULL out topology->session_pool, the next attempt to pop a session results in a use-after-free when accessing topology->session_pool.

              Assignee:
              Kevin Albertson
              Reporter:
              Kevin Albertson
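
The pattern the report describes, as an added example that is not libmongoc code: a routine that frees a pool must also reset the head pointer, or the next pop reads freed memory. The types `session_t` and `topology_t` and the functions `session_new`, `pool_clear`, `pool_pop` and `reset_then_pop` are hypothetical stand-ins.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins for the driver's types; not libmongoc code. */
typedef struct session { int id; struct session *next; } session_t;
typedef struct { session_t *session_pool; } topology_t;

static session_t *session_new(int id, session_t *next) {
    session_t *s = malloc(sizeof *s);
    if (!s) abort();
    *s = (session_t){ id, next };
    return s;
}

/* Free every pooled session. Without the final assignment the head
 * pointer still refers to freed memory and the next pop reads it. */
static void pool_clear(topology_t *t) {
    for (session_t *s = t->session_pool, *next; s; s = next) {
        next = s->next;              /* read the link before freeing s */
        free(s);
    }
    t->session_pool = NULL;          /* the step the report says was missing */
}

/* Pop a pooled session, or create one when the pool is empty. */
static session_t *pool_pop(topology_t *t, int fresh_id) {
    session_t *s = t->session_pool;
    if (!s) return session_new(fresh_id, NULL);
    t->session_pool = s->next;
    s->next = NULL;
    return s;
}

/* Reset, then pop: returns the id handed out, or -1 if the pool is stale. */
static int reset_then_pop(void) {
    topology_t t = { NULL };
    t.session_pool = session_new(1, t.session_pool);
    t.session_pool = session_new(2, t.session_pool);
    pool_clear(&t);
    if (t.session_pool != NULL) return -1;
    session_t *s = pool_pop(&t, 99);
    int id = s->id;
    free(s);
    return id;
}

int main(void) { printf("session id after reset: %d\n", reset_then_pop()); return 0; }
```

Building with `-fsanitize=address` and deleting the marked assignment in `pool_clear` makes the sanitizer report the stale read in `pool_pop`.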