-
Type: Bug
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: None
-
Labels:None
-
Server Security
-
Fully Compatible
-
ALL
-
Security 2024-04-01
The cleanupESCAnchors function receives a list of entries to be deleted, which gets served as a sequence of consecutive delete operations; processed entries are nevertheless removed to the list when they get added to a DeleteCommandRequest - and not when the command gets successfully completed.
This may cause delete entries to be missed when cleanupESCAnchors is executed within the router loop of CleanupStructuredEncryptionDataCoordinator in case of StaleConfig/Db errors: in such a situation, the error is raised when performing the removal and the function gets called again without recalculating the list of pending delete operations.