[CDRIVER-1328] mongoc_collection_validate doesn't always init "reply" Created: 14/Jun/16 Updated: 10/Aug/16 Resolved: 06/Jul/16 |
|
| Status: | Closed |
| Project: | C Driver |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 1.4.0 |
| Type: | Bug | Priority: | Minor - P4 |
| Reporter: | Ian Boros | Assignee: | Ian Boros |
| Resolution: | Done | Votes: | 0 |
| Labels: | intern2016 | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Description |
|
The documentation for mongoc_collection_validate says: reply [an argument] is always initialized and must be destroyed with bson_destroy(). (see https://api.mongodb.com/c/current/mongoc_collection_validate.html) The implementation doesn't always initialize reply. In particular, if the options passed are invalid, then reply is left alone, which means if a client tries to bson_destroy() it, they might end up accessing uninitialized memory. I think this is like a one-line fix, but there might be bugs just like this one all over |
| Comments |
| Comment by Githook User [ 05/Jul/16 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@emptysquare.net'}Message: Merge pull request #345 from puppyofkosh/
|
| Comment by Githook User [ 05/Jul/16 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@emptysquare.net'}Message: Merge pull request #345 from puppyofkosh/
|
| Comment by Githook User [ 05/Jul/16 ] |
|
Author: {u'name': u'ian boros', u'email': u'ian.boros@10gen.com'}Message: |
| Comment by A. Jesse Jiryu Davis [ 15/Jun/16 ] |
|
The function can be usefully called with a NULL reply pointer: you could check the function's return value and the "error" contents and get useful info, even if you don't retrieve the server's reply. So let's make "reply" optional. If it isn't NULL, it's always initialized. Update code and docs as needed. |
| Comment by Ian Boros [ 15/Jun/16 ] |
|
I just realized the docs don't say that reply is optional, but the code also doesn't make sure that reply is non-null. Which do you think I should change? I'm guessing the docs since it seems like most other functions are okay with reply being NULL, but I just want to check EDIT: |