Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 3.5.7
Affects Version/s: None
Component/s: Networking
Labels:
None

Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Steps To Reproduce:
Hide

db.runCommand({$db: 127});
Show
db.runCommand({$db: 127});
Sprint:
Repl 2017-05-08
Linked BF Score:
0
Confidence Status:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

It is possible that the user's request specifies a type other than a string as the $db parameter, so checking the type is necessary to avoid performing an invalid memory access when using the returned StringData later on.

class OpMsgRequest final : public rpc::RequestInterface {
public:
    explicit OpMsgRequest(OpMsg msg) : _msg(std::move(msg)) {}
    StringData getDatabase() const override {
        if (auto db = _msg.body["$db"]) {
            return db.valueStringData();
        }
        return "admin";
    }

is related to

SERVER-28508 Egress and mongod ingress network layers are able to speak basic OP_MSG

Closed

Assignee:: Mathias Stearn

Reporter:: Max Hirschhorn

Participants:: Githook User, Mathias Stearn, Max Hirschhorn

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: Apr 29 2017 04:11:04 PM UTC

Updated:: Oct 30 2023 11:17:07 PM UTC

Resolved:: May 05 2017 04:07:04 PM UTC

GA Target Date:: None

Public Preview Target Date:: None

Private Preview Target Date:: None

Experiment Target Date:: None

Details

Description

Attachments

Issue Links

Activity

People

Dates