-
Type: Bug
-
Resolution: Unresolved
-
Priority: Minor - P4
-
None
-
Affects Version/s: 1.16.1
-
Component/s: tls
While investigating the top stack frame in CDRIVER-3522, I noticed that some return values in mongoc_stream_tls_openssl_new are not considered.
- inet_pton() may return -1 on error, but the code considers all non-zero return values as success.
- X509_VERIFY_PARAM_set1_ip_asc and X509_VERIFY_PARAM_set1_host return 1 and 0 for success and failure, respectively.
There may be more issues, but these are just two that stood out to me while walking through the code and I wanted to log an issue to make a note of it.
I'm using 1.16.1 as the affects version here since the code seems to have been unchanged from the older libmongoc version reported in CDRIVER-3522.
- is related to
-
CDRIVER-3522 Stack smashing detected connecting to multiple replica set members with TLS
- Closed