[SERVER-10259] strcasestr emulation returns invalid pointer Created: 19/Jul/13 Updated: 11/Jul/16 Resolved: 19/Jul/13 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Internal Code |
| Affects Version/s: | 2.4.6, 2.5.1 |
| Fix Version/s: | 2.4.6, 2.5.2 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Tad Marshall | Assignee: | Tad Marshall |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
Affects Windows and Solaris only |
||
| Backwards Compatibility: | Fully Compatible |
| Operating System: | Windows |
| Participants: |
| Description |
|
The emulated strcasestr() function in src/mongo/platform/strcasestr.cpp returns a pointer that points into freed memory rather than into the source string. In the current MongoDB code, this routine is only used during text search and the pointer is only compared with NULL, so there is no current problem resulting from this bug. If usage of the routine was expanded in the future, attempts to use the returned pointer could segfault or cause other errors. |
| Comments |
| Comment by auto [ 19/Jul/13 ] |
|
Author: {u'username': u'tadmarshall', u'name': u'Tad Marshall', u'email': u'tad@10gen.com'}Message: Convert the location found within the temporary string into the |
| Comment by auto [ 19/Jul/13 ] |
|
Author: {u'username': u'tadmarshall', u'name': u'Tad Marshall', u'email': u'tad@10gen.com'}Message: Convert the location found within the temporary string into the |