[SERVER-25827] Undefined behavior passing NaN to a NumberLong Created: 26/Aug/16  Updated: 19/Nov/16  Resolved: 01/Sep/16

Status: Closed
Project: Core Server
Component/s: JavaScript
Affects Version/s: 3.3.11
Fix Version/s: 3.3.14

Type: Bug Priority: Major - P3
Reporter: Robert Guo (Inactive) Assignee: Matt Cotter
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Backwards Compatibility: Fully Compatible
Operating System: ALL
Sprint: Platforms 2016-08-26, Platforms 2016-09-19
Participants:
Linked BF Score: 0

 Description   

https://github.com/mongodb/mongo/blob/6f03bed78373f186632f8d6f8a2d4fdc3e5177ee/src/mongo/scripting/mozjs/numberlong.cpp#L176

This line is assigning a double to a long, which triggers undefined behavior when the double is a NaN. i.e. NumberLong(NaN)



 Comments   
Comment by Githook User [ 01/Sep/16 ]

Author:

{u'username': u'Machyne', u'name': u'Matt Cotter', u'email': u'matt.cotter@mongodb.com'}

Message: SERVER-25827 fix UB related to NumberLong(NaN) in shell
Branch: master
https://github.com/mongodb/mongo/commit/ebf5539dac43ccc2289fabdd943ff6479a8d3920

Generated at Thu Feb 08 04:10:20 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.