Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 4.4.19, 5.0.15, 6.0.5
Affects Version/s: None
Component/s: None
Labels:
None

Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Backport Requested:

v6.0, v5.0, v4.4, v4.2
Sprint:
Security 2022-09-19, Security 2022-10-03, Security 2022-10-17, Security 2022-10-31, Security 2022-11-14
Linked BF Score:
138
Confidence Status:
None
Work Order:
3

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

When a non-numeric value is specified for ldapTimeoutMS via setParameter, the double-to-int type coercion will result in undefined behavior depending on the processor architecture. For x86 systems, NaN was converted into the most negative integral value, which worked out fine here as we explicitly prevent values below 0. On ARM/Graviton systems, NaN gets converted to 0, which would be set. When connection pooling is disabled, the timeout is enforced by the system LDAP library.

We should explicitly check for `NaN`/non-numeric types in the BSONElement's value and reject them before attempting to coerce it into an integer.

is related to

SERVER-68309 Investigate for unsafe narrowing conversions

Closed

Assignee:: Varun Ravichandran
Reporter:: Varun Ravichandran
Participants:: Githook User, Varun Ravichandran
Votes:: 0 Vote for this issue
Watchers:: 2 Start watching this issue

Created:: Aug 15 2022 03:52:32 PM UTC
Updated:: Oct 29 2023 09:34:30 PM UTC
Resolved:: Nov 12 2022 12:15:53 AM UTC
Confidence Status Last Update:: 01/Nov/22 10:23 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates