Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-11475

Recursion through role graph with user-defined roles causes seg faults

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • 2.5.4
    • Affects Version/s: 2.5.3
    • Component/s: Security
    • Labels:
    • Linux

      Try to create large chain of linked roles:

      Role0 -> Role1 -> Role2 -> Role3 -> ..... -> RoleN

      At some value of N (depending on machine) seg fault will occur. It seems stack is blown, from many recursive calls to RoleGraph::_recomputePrivilegeDataHelper.

      Try to create a cycle of linked roles:

      Role0 -> Role1 -> Role2 -> Role3 -> ..... -> RoleN -> Role0

      Trying to create a large cycle (1600 roles) causes a segmentation fault. We think that the stack blew up (too many recursive calls to search through the role graph?). From the stack trace, it seems that 1396 calls to the RoleGraph::_recomputePrivilegeDataHelper went through before it blew the top.

      Test that produced bugs is attached.

        1. actions.js
          3 kB
        2. qa_341_chain_roles.js
          3 kB

            Assignee:
            spencer@mongodb.com Spencer Brody (Inactive)
            Reporter:
            samantha.ritter@mongodb.com Samantha Ritter (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: