[CDRIVER-2431] _mongoc_client_command_with_opts segfault with empty command document Created: 15/Dec/17 Updated: 28/Oct/23 Resolved: 20/Dec/17 |
|
| Status: | Closed |
| Project: | C Driver |
| Component/s: | libmongoc |
| Affects Version/s: | None |
| Fix Version/s: | 1.9.0 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Jeremy Mikola | Assignee: | Jeremy Mikola |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Description |
|
A PHPC test happened to use an empty command document in an error test and inadvertently caused a segfault within libmongoc when the command name is checked. The relevant bit of the backtrace is:
The point of the exception is this line in mongoc_cmd_parts_append_opts() when checking if the command is "findAndModify". Note that a similar check happens higher up in _mongoc_client_command_with_opts() when deciding if a default write concern should be applied. An additional point of interest may be _mongoc_cursor_run_command() when checking for a "getMore" command. _mongoc_get_command_name() is also used to assign parts->assembled.command_name in mongoc_cmd_parts_assemble() but an error is raised for an empty command document if the name is NULL. mongoc-cursor-cursorid.c also calls _mongoc_get_command_name() to craft an error message; however, that should not be a concern as printf patterns should be able to handle NULL char * values. |
| Comments |
| Comment by Githook User [ 21/Dec/17 ] |
|
Author: {'name': 'Jeremy Mikola', 'email': 'jmikola@gmail.com', 'username': 'jmikola'}Message: Regression test for empty command segfault ( |
| Comment by Githook User [ 20/Dec/17 ] |
|
Author: {'name': 'Jeremy Mikola', 'email': 'jmikola@gmail.com', 'username': 'jmikola'}Message: |
| Comment by Githook User [ 20/Dec/17 ] |
|
Author: {'name': 'Jeremy Mikola', 'email': 'jmikola@gmail.com', 'username': 'jmikola'}Message: |
| Comment by Jeremy Mikola [ 19/Dec/17 ] |
| Comment by A. Jesse Jiryu Davis [ 19/Dec/17 ] |
|
Jeremy do you want to submit a PR for this please? |