[CDRIVER-2269] Crash on empty code string for code_w_s Created: 07/Sep/17 Updated: 28/Oct/23 Resolved: 12/Sep/17 |
|
| Status: | Closed |
| Project: | C Driver |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 1.8.0 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Kevin Albertson | Assignee: | Kevin Albertson |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||
| Case: | (copied to CRM) | ||||
| Description |
|
When parsing BSON with a codewscope type we subtract 1 from the code string length. If it is 0 we underflow. (bson-iter.c:1410)
|
| Comments |
| Comment by Ramon Fernandez Marina [ 14/Sep/17 ] |
|
Author: {'username': u'ajdavis', 'name': u'Kevin Albertson', 'email': u'kevin.albertson@10gen.com'}Message: |
| Comment by Ramon Fernandez Marina [ 14/Sep/17 ] |
|
Author: {'username': u'ajdavis', 'name': u'Kevin Albertson', 'email': u'kevin.albertson@10gen.com'}Message: |
| Comment by Ramon Fernandez Marina [ 12/Sep/17 ] |
|
Author: {'username': u'ajdavis', 'name': u'Kevin Albertson', 'email': u'kevin.albertson@10gen.com'}Message: |
| Comment by Ramon Fernandez Marina [ 12/Sep/17 ] |
|
Author: {'username': u'ajdavis', 'name': u'Kevin Albertson', 'email': u'kevin.albertson@10gen.com'}Message: |
| Comment by Ramon Fernandez Marina [ 12/Sep/17 ] |
|
Author: {'username': u'ajdavis', 'name': u'Kevin Albertson', 'email': u'kevin.albertson@10gen.com'}Message: |
| Comment by Ramon Fernandez Marina [ 12/Sep/17 ] |
|
Author: {'username': u'ajdavis', 'name': u'Kevin Albertson', 'email': u'kevin.albertson@10gen.com'}Message: |
| Comment by Kevin Albertson [ 12/Sep/17 ] |
|
Commits: |