Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-11475

Recursion through role graph with user-defined roles causes seg faults

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: 2.5.3
    • Fix Version/s: 2.5.4
    • Component/s: Security
    • Labels:
    • Operating System:
      Linux

      Description

      Try to create large chain of linked roles:

      Role0 -> Role1 -> Role2 -> Role3 -> ..... -> RoleN

      At some value of N (depending on machine) seg fault will occur. It seems stack is blown, from many recursive calls to RoleGraph::_recomputePrivilegeDataHelper.

      Try to create a cycle of linked roles:

      Role0 -> Role1 -> Role2 -> Role3 -> ..... -> RoleN -> Role0

      Trying to create a large cycle (1600 roles) causes a segmentation fault. We think that the stack blew up (too many recursive calls to search through the role graph?). From the stack trace, it seems that 1396 calls to the RoleGraph::_recomputePrivilegeDataHelper went through before it blew the top.

      Test that produced bugs is attached.

        Attachments

        1. actions.js
          3 kB
        2. qa_341_chain_roles.js
          3 kB

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: