Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-62668

Synchronize access to ImpersonatedUserMetadata in OperationContext.

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major - P3
    • Resolution: Fixed
    • None
    • 5.3.0, 4.2.19, 4.4.13, 5.0.7
    • None
    • None
    • Fully Compatible
    • ALL
    • v5.0, v4.4, v4.2
    • Security 2022-01-24
    • 156

    Description

      There is a race condition between "$currentOp" and request threads for the ImpersonatedUserMetadata in OperationContext. To prevent this, ImpersonatedUserMetadata needs to be guarded with synchronization.

      ImpersonatedUserMetadata is a decoration on the OperationContext. It read/written to by the thread that owns the thread. It is read by the $currentOp thread while the $currentOp thread owns the client lock. Access to it could be guarded with the Client lock or a dedicated mutex.

      Attachments

        Activity

          People

            gabriel.marks@mongodb.com Gabriel Marks
            mark.benvenuto@mongodb.com Mark Benvenuto
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: