Loading...

XML

Word

Printable

JSON

Details

Type: Task
Resolution: Done
Priority: Major - P3
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

Sprint:
Execution Team 2022-08-08, Execution Team 2022-08-22
Linked BF Score:
138

Description

BSONElement methods numberLong and numberInt are used in dozens of places in the codebase, but it's not clear a priori which uses might actually be problematic. If used on a NumberDouble with a NaN value, they simply cast to the desired type, and this can result in undefined behavior that differs depending on the platform. If we know that the type of element is the matching type, then we can safely use these methods to extract it. In many cases, this holds, either where we've already checked the type explicitly, or we know that we constructed this value to be a specific type because it's for internal use and we have a schema for these documents. But in some cases, we probably are just using these methods mistakenly to deal with input of unknown type, when we should be checking the type explicitly.

We are already aware of some issues (e.g. ~~SERVER-68359~~), but more problematic uses could still be lingering, and we should audit the codebase.

Attachments

Issue Links

is related to

SERVER-26148 Commands should convert integers from user input safely

Backlog

related to

SERVER-68796 Shard key index selection may ignore non-default hash seed

Backlog

SERVER-68714 NaN issues in secure random number generator in mongo shell

Closed

SERVER-68715 NaN issues in Check/Wait pid in mongoshell

Closed

SERVER-68716 Fix undefined behavior in mongo::queryable::listDirectory

Closed

SERVER-68740 Non-default-seeded hashed indexes not working correctly since 2.6

Closed

SERVER-68781 Check value of hidden maxChunkSizeBytes

Closed

SERVER-68836 Properly handle NaN and 0 in for LDAPTimeoutMS

Closed

SERVER-68838 Explicitly check for NaN when setting log verbosities

Closed

SERVER-68842 Passing in w: NaN for write concern is interpreted as w: 0

Closed

SERVER-68920 Haystack geoSearch accepts NaN for 'limit' and 'maxDistance'

Closed

SERVER-68922 $natural parser should be stricter (reject NaN, etc)

Closed

SERVER-69008 Narrowing conversion of size parameter for cloneCollectionAsCapped

Closed

SERVER-69009 Narrowing conversion of timestamp components in mozjs valuewriter

Closed

SERVER-69036 Cluster dbStats command rounds prematurely

Closed

SERVER-68741 Remove code handling the non-default seed for hashed indexes

Closed

SERVER-68705 Refactor BSONElement API to avoid unsafe implicit type conversion

Backlog

SERVER-68720 Safely parse minWireVersion and maxWireVersion in initWireVersion

Closed

(13 related to)

Activity

People

Assignee:: Dan Larkin-York

Reporter:: Dan Larkin-York

Participants:: Dan Larkin-York

Votes:: 0 Vote for this issue

Watchers:: 16 Start watching this issue

Dates

Created:: Jul 26 2022 04:26:49 PM UTC

Updated:: Jan 17 2023 05:03:49 AM UTC

Resolved:: Aug 22 2022 05:49:57 PM UTC