[SERVER-29022] OpMsgRequest::getDatabase() should check type of _msg.body["$db"] before calling valueStringData() Created: 29/Apr/17 Updated: 30/Oct/23 Resolved: 05/May/17 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Networking |
| Affects Version/s: | None |
| Fix Version/s: | 3.5.7 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Max Hirschhorn | Assignee: | Mathias Stearn |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||
| Operating System: | ALL | ||||||||||||
| Steps To Reproduce: |
|
||||||||||||
| Sprint: | Repl 2017-05-08 | ||||||||||||
| Participants: | |||||||||||||
| Linked BF Score: | 0 | ||||||||||||
| Description |
|
It is possible that the user's request specifies a type other than a string as the $db parameter, so checking the type is necessary to avoid performing an invalid memory access when using the returned StringData later on.
|
| Comments |
| Comment by Githook User [ 05/May/17 ] |
|
Author: {u'username': u'RedBeard0531', u'name': u'Mathias Stearn', u'email': u'mathias@10gen.com'}Message: |