[CDRIVER-2688] Crash from Swift driver calling bson_init_from_json
Created: 06/Jun/18  Updated: 27/Oct/23  Resolved: 11/Jun/18

Status: Closed
Project: C Driver
Component/s: json, libbson
Affects Version/s: 1.10.1
Fix Version/s: 1.12.0

Type: Bug
Priority: Major - P3
Reporter: Kevin Albertson
Assignee: Kevin Albertson
Resolution: Gone away
Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
is related to CDRIVER-2693 Segfault in bson_b64_pton parsing val... Closed

 Description   

A test in the Swift driver kaitlin.mahar wrote crashes with a null pointer access in bson_init_from_json:

func testFailure() throws {
    // this works fine
    let extjson1 = "{\"a\" : [{\"$numberInt\": \"10\"}]}".data(using: .utf8)!
    let res1 = try Document(fromJSON: extjson1)
    print(res1)

    // this crashes
    let extjson2 = "{\"x\" : { \"$binary\" : {\"base64\" : \"\", \"subType\" : \"00\"}}}".data(using: .utf8)!
    let res2 = try Document(fromJSON: extjson2)
    print(res2)
}

Kaitlin is able to reproduce this using 1.10 but not in 1.9 on macOS. This seems like an issue with the C driver. I couldn't reproduce the crash on Linux, nor from calling bson_init_from_json with the same arguments directly in the C driver. But I have not yet tested the Swift test on macOS.



 Comments   
Comment by Kevin Albertson [ 11/Jun/18 ]

Fixed with commit to CDRIVER-2693

Comment by Kaitlin Mahar [ 11/Jun/18 ]

Sorry, missed your previous comment - we don't call bson_destroy_with_steal anywhere.

I just built the C driver from master, and the test no longer fails. So yes, it seems that fixed it! Thanks. 

Comment by A. Jesse Jiryu Davis [ 11/Jun/18 ]

Kevin points out that my CDRIVER-2693 fix might also fix this. kaitlin.mahar, could you try with the latest C code on master?

Comment by A. Jesse Jiryu Davis [ 08/Jun/18 ]

Could you check if Swift calls bson_destroy_with_steal?

Generated at Wed Feb 07 21:16:01 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.