[CDRIVER-2007] Crash creating index when unable to connect
Created: 29/Jan/17  Updated: 06/Feb/17  Resolved: 30/Jan/17

Status: Closed
Project: C Driver
Component/s: libmongoc
Affects Version/s: 1.5.3
Fix Version/s: 1.6.0

Type: Bug
Priority: Major - P3
Reporter: Arseny Vakhrushev
Assignee: A. Jesse Jiryu Davis
Resolution: Done
Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: File libmongoc5.c    
Issue Links:
Related
is related to CDRIVER-2034 test_create_index_fail error on zSeri... Closed

 Description   

mongoc_client_get_gridfs() may generate a segfault internally.

For example:

#include <mongoc.h>
 
int main() {
	mongoc_client_t *client;
	mongoc_gridfs_t *gridfs;
	bson_error_t error;
 
	mongoc_init();
 
	client = mongoc_client_new("mongodb://INVALID-URI");
	BSON_ASSERT(client);
	gridfs = mongoc_client_get_gridfs(client, "test-gridfs", 0, &error);
	BSON_ASSERT(!gridfs);
 
	mongoc_client_destroy(client);
	mongoc_cleanup();
	return 0;
}

Output:

$ ./a.out
Segmentation fault

Valgrind's output:

==10844== Invalid read of size 8
==10844==    at 0x4E4D144: mongoc_cluster_run_command_monitored (mongoc-cluster.c:362)
==10844==    by 0x4E521BA: mongoc_collection_create_index_with_opts (mongoc-collection.c:1325)
==10844==    by 0x4E528AF: mongoc_collection_create_index (mongoc-collection.c:1155)
==10844==    by 0x4E5CCBE: _mongoc_gridfs_ensure_index (mongoc-gridfs.c:66)
==10844==    by 0x4E5CCBE: _mongoc_gridfs_new (mongoc-gridfs.c:133)
==10844==    by 0x400887: main (libmongoc5.c:12)
==10844==  Address 0x8 is not stack'd, malloc'd or (recently) free'd
==10844==
==10844==
==10844== Process terminating with default action of signal 11 (SIGSEGV)
==10844==  Access not within mapped region at address 0x8
==10844==    at 0x4E4D144: mongoc_cluster_run_command_monitored (mongoc-cluster.c:362)
==10844==    by 0x4E521BA: mongoc_collection_create_index_with_opts (mongoc-collection.c:1325)
==10844==    by 0x4E528AF: mongoc_collection_create_index (mongoc-collection.c:1155)
==10844==    by 0x4E5CCBE: _mongoc_gridfs_ensure_index (mongoc-gridfs.c:66)
==10844==    by 0x4E5CCBE: _mongoc_gridfs_new (mongoc-gridfs.c:133)
==10844==    by 0x400887: main (libmongoc5.c:12)



 Comments   
Comment by Githook User [ 05/Feb/17 ]

Author: A. Jesse Jiryu Davis (ajdavis) <jesse@mongodb.com>

Message: CDRIVER-2007 fix create-index test

Depending on the network configuration, trying to create an index on
mongodb://example.com could cause "connection timeout" or "connection
refused", so don't specify the error message.
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/1ecb2317cd3ebf577af9790a84d5452ff148f2b3

Comment by Githook User [ 30/Jan/17 ]

Author: A. Jesse Jiryu Davis (ajdavis) <jesse@mongodb.com>

Message: CDRIVER-2007 crash creating index disconnected
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/abd6526e883d58562102424ab1a8142ea40b953c

Comment by A. Jesse Jiryu Davis [ 29/Jan/17 ]

mongoc_collection_create_index_with_opts doesn't check if mongoc_cluster_stream_for_reads returned NULL.
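
The missing check described in the comment above, modelled as an added example that is not libmongoc code and not the committed fix. Every demo_* name, the struct layout and the error text are constructed for illustration. The model shows why an unchecked NULL return faults a few bytes above address zero, as in the Valgrind trace, and what the checked caller does instead.

```c
/* Added illustration: every demo_* name and the struct layout are constructed, not libmongoc's. */
#include <stddef.h>
#include <stdio.h>

typedef struct { int code; char message[64]; } demo_error_t;
typedef struct { int id; const char *description; } demo_stream_t;

/* Model of stream selection: returns NULL and fills *err when no server is reachable. */
static demo_stream_t *demo_stream_for_reads(int reachable, demo_error_t *err)
{
    static demo_stream_t stream = { 1, "constructed server description" };
    if (!reachable) {
        err->code = 1;
        snprintf(err->message, sizeof err->message, "no suitable servers");
        return NULL;
    }
    return &stream;
}

/* Unchecked caller, shown for contrast and never called here: with stream == NULL
 * the member read touches address 0 + offsetof(demo_stream_t, description). */
int demo_create_index_unchecked(int reachable, demo_error_t *err)
{
    demo_stream_t *stream = demo_stream_for_reads(reachable, err);
    return stream->description != NULL;
}

/* Checked caller: stop on NULL and report failure; *err was already filled by the callee. */
int demo_create_index_checked(int reachable, demo_error_t *err)
{
    demo_stream_t *stream = demo_stream_for_reads(reachable, err);
    if (!stream) {
        return 0;
    }
    return stream->description != NULL;
}

/* Address at which the unchecked member read would fault when stream is NULL. */
size_t demo_fault_offset(void) { return offsetof(demo_stream_t, description); }

int main(void)
{
    demo_error_t err = { 0, "" };
    int ok = demo_create_index_checked(0, &err);
    printf("ok=%d error=\"%s\" fault offset=%zu\n", ok, err.message, demo_fault_offset());
    return 0;
}
```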
