[SERVER-35995] _flushForQueryPredicate should handle malformed oplog entries Created: 06/Jul/18 Updated: 06/Dec/22 Resolved: 10/Jul/18 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Replication |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Matthew Russotto | Assignee: | Backlog - Replication Team |
| Resolution: | Won't Fix | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Assigned Teams: |
Replication
|
||||||||
| Operating System: | ALL | ||||||||
| Backport Requested: |
v4.0, v3.6
|
||||||||
| Participants: | |||||||||
| Description |
|
During oplog application, SessionUpdateTracker::_flushForQueryPredicate expects an oplog entry for "config.transactions" to contain an "_id" field which is an object. If it is not, we assert with code 10065 (in BSONElement::Obj()). Since we do not prevent arbitrary updates to config.transactions, we must be able to survive malformed entries. |
| Comments |
| Comment by Tess Avitabile (Inactive) [ 10/Jul/18 ] |
|
Thanks, max.hirschhorn, I filed SERVER-36056. |
| Comment by Max Hirschhorn [ 10/Jul/18 ] |
|
tess.avitabile, absolutely. The fuzzer had triggered this by using the applyOps command so I'm not sure if it is actually necessary to prevent all writes to the config.transactions collection as it was a malformed oplog entry which triggered this crash. |
| Comment by Tess Avitabile (Inactive) [ 10/Jul/18 ] |
|
max.hirschhorn, we don't want to fix this in the server, since we prefer to use auth to prevent user writes to system/config collections and accept that the server may crash if these writes are invalid. Would it be possible to prevent the fuzzer from writing to config.transactions? |