[CDRIVER-1377] bson_ascii_strtoll() does not detect ERANGE errors Created: 13/Jul/16 Updated: 18/Aug/21 Resolved: 15/Nov/16 |
|
| Status: | Closed |
| Project: | C Driver |
| Component/s: | libbson |
| Affects Version/s: | 1.3.5 |
| Fix Version/s: | 1.5.0 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Jeremy Mikola | Assignee: | A. Jesse Jiryu Davis |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||
| Description |
|
In _bson_json_read_string(), bson_ascii_strtoll() is called and errno is later compared with ERANGE to check for an out-of-range value. Internally, bson_ascii_strtoll() never actually sets ERANGE and appears to have no logic for detecting range errors. |
| Comments |
| Comment by Githook User [ 30/Jan/17 ] | ||||||||
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: Merge branch 'r1.5'
| ||||||||
| Comment by Githook User [ 30/Jan/17 ] | ||||||||
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: | ||||||||
| Comment by Githook User [ 25/Nov/16 ] | ||||||||
|
Author: {u'username': u'jmikola', u'name': u'Jeremy Mikola', u'email': u'jmikola@gmail.com'}Message: Use consistent string parsing for Timestamp and UTCDateTime init bson_ascii_strtoll() will support range checking in libbson 1.5.0 ( | ||||||||
| Comment by Githook User [ 15/Nov/16 ] | ||||||||
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: | ||||||||
| Comment by Hannes Magnusson [ 15/Nov/16 ] | ||||||||
| ||||||||
| Comment by Bernie Hackett [ 14/Nov/16 ] | ||||||||
|
Changed fix version to 1.5, since this just landed in master. | ||||||||
| Comment by Githook User [ 14/Nov/16 ] | ||||||||
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: | ||||||||
| Comment by Jeremy Mikola [ 13/Jul/16 ] | ||||||||
|
Based on my testing, out-of-range values are returned "9223372036854775807" and "-9223372036854775808" (i.e. largest and smallest 64-bit signed integers) are parsed correctly. Behavior is broken for values with greater magnitude:
|