Details
-
Task
-
Resolution: Fixed
-
Major - P3
-
None
-
None
-
None
-
Fully Compatible
-
Security 2021-10-04
-
167
Description
When the parseAuditHeaderFromJSON() function performs a AuditHeaderOptionsDocument::parse() of the input audit header BSON object fileHeaderBSON, it stores an un-owned BSONObj for the _keyStoreIdentifier member variable. This causes a use-after-free when the owning BSON object goes out of scope at function return, and the resulting AuditHeaderOptionsDocument object's _keyStoreIdentifier is used later in createKeyManagerFromHeader().
Attachments
Issue Links
- is depended on by
-
SERVER-59917 Create setParameter for splitting Audit Header to separate file
-
- Closed
-