Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-6652

memory leak on Matcher validation failure after _where allocated

    XMLWordPrintableJSON

Details

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major - P3 Major - P3
    • 2.5.0
    • None
    • Querying
    • ALL

    Description

      The Matcher manages memory for its _where object manually, with an explicit delete call in ~Matcher(). It is possible for a query validation error to trigger an exception in the Matcher() constructor after _where has been allocated. In this case, the _where object is never deallocated because the ~Matcher() destructor is never called.

      The Where object will not yet have set up a javascript scope in this case (so no scope will be leaked). But the small Where object will be leaked, and if a user repeatedly sends bad queries these leaks will add up.

      Test

      t = db.t;
      t.drop();
       
      // Does not leak.
      t.find( { $where:'true', a:{ $mod:[ 1 /* valid arg */, 0 ] } } ).itcount();
       
      // Leaks, because $mod validation fails inside Matcher() constructor and _where is never deallocated.
      t.find( { $where:'true', a:{ $mod:[ 0 /* invalid arg */, 0 ] } } ).itcount();

      Attachments

        Activity

          People

            Unassigned Unassigned
            aaron Aaron Staple
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: