Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-81423

Prevent the fuzzer from generating writes to config.image_collection / ban user writes to config.image_collection

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: None
    • Labels:
    • Replication
    • Fully Compatible
    • ALL
    • Repl 2023-10-16, Repl 2023-10-30, Repl 2023-11-13, Repl 2023-11-27, Repl 2023-12-11, Repl 2023-12-25, Repl 2024-01-08, Repl 2024-01-22, Repl 2024-02-05
    • 12

      With SERVER-67962, on secondaries we implemented a solution to handle deletes / implicit inserts to the config.image_collection within a single oplog applier batch. This means that secondaries parse oplog entries (derived inserts or explicit deletes) to config.image_collection.

      In the linked BF, the fuzzer inserted a nonsense entry into config.image_collection and then deleted it. I don't think this is legal behavior. But this resulted in the crash of the secondary.

      I think we should add a check to the write path to prevent writes on the config.image_collection collection, or prevent the fuzzer from producing such cases. (We might also want to prevent writes to other implicitly replicated collections such as system.preimages).

      To repro, run the following on the replica set primary. You will see that the secondary has crashed.

      > use config
      > db.image_collection.insert({_id: 2, a: 3});
      > db.image_collection.remove({}, {writeConcern: {w: 1}}); // {w: 1} is optional, but we do it so that the command returns even though the secondary crashes.

            frederic.vitzikam@mongodb.com Frederic Vitzikam
            vishnu.kaushik@mongodb.com Vishnu Kaushik
            0 Vote for this issue
            7 Start watching this issue