Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Done
Priority: Major - P3
Fix Version/s: 1.2-beta0
Affects Version/s: 1.1.0
Component/s: auth, Build, libmongoc
Labels:
None

Confidence Status:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Link:
None
Goal Name(s):
None

mongo-c-driver 1.1.0 (and the latest code in the repository also) contains the file src/mongoc/mongoc-sasl.c with this code intended to only call the function sasl_client_done on SASL version 2.1.24 or greater:

#if (SASL_VERSION_MAJOR >= 2) && \
    (SASL_VERSION_MINOR >= 1) && \
    (SASL_VERSION_STEP >= 24) && \
    (!defined(__APPLE__))
   sasl_client_done ();
#endif

This code is clearly completely wrong. What will happen if the SASL version is 2.2.0? or 3.0.0? (sasl_client_done will not be called, though you would want it to be.)

Another problem: you're checking the SASL version at compile time. What if the version of SASL at compile time is different from the SASL version at runtime?

depends on

CDRIVER-547 inappropriate use of sasl_client_init and sasl_client_done

Closed

related to

PHPC-306 Check for sasl_client_done when generating mongoc-config.h

Closed

CDRIVER-1207 Deprecated SASL functions and possible crash on OS X 10.11

Closed

CDRIVER-1233 Crash after Kerberos plugin cleanup runs twice

Closed

links to

https://github.com/mongodb/mongo-c-driver/pull/238

Assignee:: Unassigned
Reporter:: Ryan Schmidt
Votes:: 0 Vote for this issue
Watchers:: 5 Start watching this issue

Created:: Feb 17 2015 07:52:34 AM UTC
Updated:: Jan 08 2024 03:30:41 PM UTC
Resolved:: Jun 08 2015 05:43:16 PM UTC
Confidence Status Last Update:: 31/May/15 2:59 PM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates