-
Type:
Bug
-
Status: Closed
-
Priority:
Major - P3
-
Resolution: Fixed
-
Affects Version/s: 3.4.0, 3.6.0, 4.0.0, 4.2.0
-
Component/s: Replication
-
Labels:None
-
Backwards Compatibility:Fully Compatible
-
Operating System:ALL
-
Backport Requested:v4.2, v4.0, v3.6, v3.4
-
Sprint:Execution Team 2019-10-21
OplogInterfaceLocal::next() returns an unowned BSONObj. This is problematic because callers in RollBackLocalOperations::onRemoteOperation() save the resulting object and call next() several times without taking ownership first. This results in a bugs where an unowned BSONObj can point to freed or overwritten memory.