[SERVER-57350] ShardKeyPattern::parseShardKeyPattern() - NaN representation is being cast to integer - MongoDB Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Major - P3
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 5.0.4, 5.1.0-rc0
Component/s: None
Labels:
None

Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Backport Requested:

v5.0
Sprint:
Execution Team 2021-06-14
Linked BF Score:
43

Description

On bsonelement.h an unsafe cast is being done that could end up in a situation where NaN (which representation according to the EcmaScript specification is 9007199254740990) is being casted to an integer, the following example can cause such situation:

let st = new ShardingTest({mongos:1, shards:1});

st.s.adminCommand({enableSharding: 'db'});

st.s.adminCommand({shardCollection: 'db.test', key: { _id: NaN }});

Here when passing the index we end up trying to get the number which does the cast. This causes failures on the fuzzer tests as can be seeing in the linked BF.

Attachments

Activity

People

Assignee:: Benety Goh

Reporter:: Marcos José Grillo Ramirez

Participants:: Benety Goh, Githook User, Marcos José Grillo Ramirez, Vivian Ge

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: Jun 02 2021 12:27:08 PM UTC

Updated:: Oct 06 2021 08:00:44 PM UTC

Resolved:: Jun 10 2021 10:03:06 PM UTC