Loading...

XML

Word

Printable

JSON

Type: Task
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 9.0.0-rc0
Affects Version/s: None
Component/s: None
Labels:
- prodsec-team-server

Backwards Compatibility:
Fully Compatible
CAR Domain/s:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name(s):
None
Goal Link:
None

bson_mutator.cpp declares a static BSONDomainMap called default_domains_.

It's consumed in methods like

BSONObjImpl& BSONObjImpl::WithAny(const std::string& name) {
    _inputElements.try_emplace(name, default_domains_);
    return *this;
}

If a caller every invokes BSONObjImpl::WithAny in the context of a static constructor defined in another TU, it is undefined whether default_domains_ will have constructed.

The FUZZ_TEST macro uses a static object to register tests.

Thus, we must move default_domains to a singleton, which initializes the object on first use. This will prevent the potential SIOF.

Assignee:: Spencer Jackson
Reporter:: Spencer Jackson
Participants:: Githook User, Spencer Jackson
Votes:: 0 Vote for this issue
Watchers:: 2 Start watching this issue

Created:: Apr 29 2026 05:26:40 PM UTC
Updated:: May 28 2026 04:43:30 PM UTC
Resolved:: May 28 2026 04:43:30 PM UTC

Details

Description

Attachments

Activity

People

Dates