[CDRIVER-1420] mongoc_collection_find_indexes can return freed memory Created: 27/Jul/16  Updated: 10/Aug/16  Resolved: 27/Jul/16

Status: Closed
Project: C Driver
Component/s: libmongoc
Affects Version/s: 1.1.11
Fix Version/s: 1.4.0

Type: Improvement Priority: Major - P3
Reporter: A. Jesse Jiryu Davis Assignee: A. Jesse Jiryu Davis
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Backwards Compatibility: Fully Compatible

 Description   

mongoc_collection_find_indexes has special handling for two kinds of errors. If it encounters some other error, it returns a pointer to a freed mongoc_cursor_t. This sets up the caller for a use-after-free crash.



 Comments   
Comment by Githook User [ 27/Jul/16 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-1420 test find_indexes errors
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/89b14181000c15a8df66c9ef10eebeecc6658ff2

Comment by Githook User [ 27/Jul/16 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-1420 find_indexes can return NULL
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/a096e1996aedb9a1467a2223e5e07d75e06d09ea

Generated at Wed Feb 07 21:12:28 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.