Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Fixed
Priority: Critical - P2
Fix Version/s: 8.3.3, 8.2.10, 8.0.24, 7.0.35
Affects Version/s: None
Component/s: None
Labels:
None

Assigned Teams:

Query Optimization
Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Backport Requested:

v8.3, v8.2, v8.0, v7.0
Linked BF Score:
200
CAR Domain/s:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name(s):
None
Goal Link:
None

An invariant checks runtimeConstants.userRoles is an array containing objects - this is user provided, so can lead to DOS from authenticated clients issuing malformed requests.

Validate in IDL, and consider dropping invariant to tassert.

related to

SERVER-127032 Fix AttributeError crash in IDL compatibility checker when comparing unstable fields with mismatched array types

In Code Review

SERVER-126816 [v7.0] Add no_selinux tag to command_let_variables.js

Closed

SERVER-126979 Temporarily exclude test in multiversion setup

Closed

SERVER-127077 Temporarily exclude agg_currentop.js in multiversion setup

Closed

Assignee:: James Harrison
Reporter:: James Harrison
Participants:: James Harrison
Votes:: 0 Vote for this issue
Watchers:: 7 Start watching this issue

Created:: Apr 13 2026 08:11:33 AM UTC
Updated:: Jun 09 2026 10:04:35 PM UTC
Resolved:: Jun 09 2026 04:27:52 PM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates