Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-60326

Windows Server fails to start when X509 certificate has empty subject name

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: 4.4.7
    • Fix Version/s: 4.4.11, 5.0.4, 5.1.0-rc0
    • Component/s: None
    • Labels:
      None
    • Backwards Compatibility:
      Fully Compatible
    • Operating System:
      ALL
    • Backport Requested:
      v5.0, v4.4
    • Sprint:
      Security 2021-10-04, Security 2021-10-18
    • Case:

      Description

      MongoDB 4.4.7 fails to start when provided an X.509 certificate whose subject name is empty. Windows provides us with the number of subject name RDNs as an unsigned integer, from which we subtract 1. The arithmetic on value line is going to be on unsigned 32bit types. Unsigned arithmetic has defined over/underflow semantics. 0 - 1 will evaluate to a large number which can be correctly assigned to i.

        Attachments

          Activity

            People

            Assignee:
            erwin.pe Erwin Pe
            Reporter:
            spencer.jackson Spencer Jackson
            Participants:
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: