[SERVER-60326] Windows Server fails to start when X509 certificate has empty subject name - MongoDB Jira

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major - P3
Resolution: Fixed
Affects Version/s: 4.4.7
Fix Version/s: 4.4.11, 5.0.4, 5.1.0-rc0
Component/s: None
Labels:
None

Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Backport Requested:

v5.0, v4.4
Sprint:
Security 2021-10-04, Security 2021-10-18
Case:

Description

MongoDB 4.4.7 fails to start when provided an X.509 certificate whose subject name is empty. Windows provides us with the number of subject name RDNs as an unsigned integer, from which we subtract 1. The arithmetic on value line is going to be on unsigned 32bit types. Unsigned arithmetic has defined over/underflow semantics. 0 - 1 will evaluate to a large number which can be correctly assigned to i.

Attachments

Activity

People

Assignee:: Erwin Pe

Reporter:: Spencer Jackson

Participants:: Erwin Pe, Githook User, Spencer Jackson

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: Sep 29 2021 08:30:44 PM UTC

Updated:: Oct 21 2021 06:32:55 PM UTC

Resolved:: Oct 18 2021 03:23:21 PM UTC