Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-36926

Undefined behavior from signed overflow in cursor manager, can result in mongos invariant failure

    XMLWordPrintable

Details

    • Fully Compatible
    • ALL
    • v4.0, v3.6
    • Query 2018-10-08

    Description

      david.storch pointed this out while we were reading some code at my desk:

      The call to std::abs(_pseudoRandom.nextInt32()) here could result in undefined behavior if _pseudoRandom.nextInt32() returns MIN_INT. Most compilers will probably do something reasonable in this situation. Many will probably just return MIN_INT, meaning that it's possible to get a negative cursor id.

      Attachments

        Issue Links

          Activity

            People

              ted.tuckman@mongodb.com Ted Tuckman
              ian.boros@mongodb.com Ian Boros
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: