Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 5.0.4, 5.1.0-rc0
Affects Version/s: None
Component/s: None
Labels:
None

Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Backport Requested:

v5.0
Sprint:
Execution Team 2021-06-14
Linked BF Score:
43
Confidence Status:
None
Work Order:
3
CAR Domain/s:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name(s):
None
Goal Link:
None

On bsonelement.h an unsafe cast is being done that could end up in a situation where NaN (which representation according to the EcmaScript specification is 9007199254740990) is being casted to an integer, the following example can cause such situation:

let st = new ShardingTest({mongos:1, shards:1});
st.s.adminCommand({enableSharding: 'db'});
st.s.adminCommand({shardCollection: 'db.test', key: { _id: NaN }});

Here when passing the index we end up trying to get the number which does the cast. This causes failures on the fuzzer tests as can be seeing in the linked BF.

Assignee:: Benety Goh
Reporter:: Marcos José Grillo Ramirez
Participants:: Benety Goh, Githook User, Marcos José Grillo Ramirez, Vivian Ge
Votes:: 0 Vote for this issue
Watchers:: 5 Start watching this issue

Created:: Jun 02 2021 12:27:08 PM UTC
Updated:: Oct 29 2023 09:52:48 PM UTC
Resolved:: Jun 10 2021 10:03:06 PM UTC
Confidence Status Last Update:: 10/Jun/21 8:15 PM

Details

Description

Attachments

Forms

Activity

People

Dates