[SERVER-20332] Undefined behavior when types of NumberLong's fields are changed by user Created: 09/Sep/15  Updated: 25/Jul/16  Resolved: 23/Sep/15

Status: Closed
Project: Core Server
Component/s: JavaScript
Affects Version/s: 3.1.7
Fix Version/s: 3.1.9

Type: Bug Priority: Minor - P4
Reporter: Spencer Jackson Assignee: Mira Carey
Resolution: Done Votes: 0
Labels: spidermonkey
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
Backwards Compatibility: Fully Compatible
Operating System: ALL
Sprint: Platform 9 (09/18/15), Platform A (10/09/15)
Participants:
Linked BF Score: 0

 Description   

Clang reports undefined behaviour when the following commands were entered into the shell:

> x = NumberLong(5)
NumberLong(5)
> Object.keys(x)
[ "floatApprox" ]
> x.floatApprox
5
> x.floatApprox = 'g'
g
> x.valueOf()
(/home/sajack/mongo/mongo+0x18652a1): runtime error: value nan is outside the range of representable values of type 'long long'
SUMMARY: AddressSanitizer: undefined-behavior (/home/sajack/mongo/mongo+0x18652a1): runtime error: value -9.22337e+18 is outside the range of representable values of type 'int'
SUMMARY: AddressSanitizer: undefined-behavior
-9223372036854776000



 Comments   
Comment by Githook User [ 23/Sep/15 ]

Author:

{u'username': u'hanumantmk', u'name': u'Jason Carey', u'email': u'jcarey@argv.me'}

Message: SERVER-20332 make JS NumberLong more robust

NumberLong can have it's floatApprox, top and bottom fields modified to
produce nans on getNumber(). Change that to getNumberLongLong() to
avoid those.
Branch: master
https://github.com/mongodb/mongo/commit/08eacba75fb15e397222f20af0bf48b26b54a0d5

Generated at Thu Feb 08 03:53:53 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.