[SERVER-23709] ValueStorage::putString dassert accesses array out of bounds Created: 14/Apr/16  Updated: 26/Apr/16  Resolved: 15/Apr/16

Status: Closed
Project: Core Server
Component/s: Aggregation Framework
Affects Version/s: None
Fix Version/s: 3.3.5

Type: Bug Priority: Major - P3
Reporter: Andrew Morrow (Inactive) Assignee: Andrew Morrow (Inactive)
Resolution: Done Votes: 0
Labels: undefined-sanitizer
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Backwards Compatibility: Fully Compatible
Operating System: ALL
Steps To Reproduce:

Run the aggregation unit tests under the undefined behavior sanitizer.

Sprint: Platforms 13 (04/22/16)
Participants:

 Description   

The dassert in ValueStorage::putString, as its comment indicates, may access memory beyond the end of the shortStrStorage array. This is harmless in practice since we know that the byte following is a NUL character, but it still trips the undefined behavior sanitizer. The dassert can be re-written to stay within bounds.



 Comments   
Comment by Githook User [ 15/Apr/16 ]

Author:

{u'username': u'acmorrow', u'name': u'Andrew Morrow', u'email': u'acm@mongodb.com'}

Message: SERVER-16221 SERVER-23709 Fix out of bounds array access in ValueStorage dassert
Branch: master
https://github.com/mongodb/mongo/commit/1261405f121b0d3dfe28e2ee04e425de0c118cea

Generated at Thu Feb 08 04:04:15 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.