Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 3.6.0-rc1
Affects Version/s: None
Component/s: Internal Code
Labels:
None

Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Sprint:
Query 2017-10-23, Query 2017-11-13
Linked BF Score:
0
Confidence Status:
None
Work Order:
3

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

MatcherTypeSet verifies that a numeric BSONElement has an integral value by casting the value to int via BSONElement::numberLong() and then comparing this value with BSONElement::number().

However, calling BSONElement::numberInt() is undefined behavior if the value being cast is outside the representable range of int. We should do something else that checks the value of the double before casting to avoid the undefined behavior.

The undefined behavior was introduced in a test case as part of ~~SERVER-30157~~.

is caused by

SERVER-30157 $type parsing should reject non-integral type codes

Closed

Assignee:: Kyle Suarez (Inactive)

Reporter:: Kyle Suarez (Inactive)

Participants:: Githook User, Kyle Suarez

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: Oct 18 2017 06:23:30 PM UTC

Updated:: Oct 30 2023 11:12:41 PM UTC

Resolved:: Oct 23 2017 09:43:10 PM UTC

Confidence Status Last Update:: 18/Oct/17 6:24 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates