Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 1.15.0
Affects Version/s: 1.7.0
Component/s: None
Labels:
None

Confidence Status:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Link:
None
Goal Name(s):
None

ClientEncryption::createDataKey() uses a stack-allocated bson_t for processing the "masterKey" option. This is never freed, which could lead to a leak if the document ever exceeds the internal limit and triggers dynamic allocation.

is related to

PHPC-2148 Error if RewrapManyDataKey is called with masterKey and without provider

Closed

PHPC-1499 Add clientEncryption API

Closed

related to

PHPC-2151 Validate masterKey option for createDataKey() and rewrapManyDataKey()

Closed

Assignee:: Jeremy Mikola
Reporter:: Jeremy Mikola
Votes:: 0 Vote for this issue
Watchers:: 1 Start watching this issue

Created:: Oct 14 2022 08:16:45 AM UTC
Updated:: Oct 28 2023 10:49:55 AM UTC
Resolved:: Oct 16 2022 02:17:16 PM UTC

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates