Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-44111

Assert BSON object size is valid while copying

    XMLWordPrintableJSON

Details

    • Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Major - P3 Major - P3
    • 4.3.1
    • None
    • None
    • None
    • Fully Compatible
    • Execution Team 2019-10-21, Execution Team 2019-11-04

    Description

      The copy() function for BSONObj could detect corrupt BSON and detect undefined behavior earlier for two reasons:

      • There is no verification that objsize() is below the maximum BSON size. An attempt to allocate a new buffer based on the size of an unowned BSON object can lead to very large allocations.
      • By making 2 calls to objsize(), the copy function may allocate a different amount of memory than it writes if the underlying buffer is unowned. This should also be fixed to prevent the possibility of undefined behavior.

      Attachments

        Activity

          People

            louis.williams@mongodb.com Louis Williams
            louis.williams@mongodb.com Louis Williams
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: