Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-89535

nextUpdate time in OCSP response may cause server crash

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 8.1.0-rc0
    • Affects Version/s: None
    • Component/s: None
    • None
    • Server Security
    • Fully Compatible
    • ALL
    • Security 2024-06-24, Security 2024-07-08, Security 2024-07-22, Security 2024-08-05, Security 2024-08-19, Security 2024-09-02

      If OCSP stapling is enabled, the server starts a periodic job to fetch OCSP status from the responder. Unless ocspStaplingRefreshPeriodSecs is configured to have a shorter duration, the OCSP fetcher will use a duration calculated from the OCSP response's nextUpdate field (if it has one). If this calculated duration (in Milliseconds) is too large, it will cause an overflow when PeriodicJobImpl calculates the deadline for the next execution of the fetch job. The overflow, in turn results in server crash by way of an unhandled uassert.

            Assignee:
            gabriel.marks@mongodb.com Gabriel Marks
            Reporter:
            erwin.pe@mongodb.com Erwin Pe
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: