[SERVER-50180] Fix User lifetime management in AuthorizationManager::acquireUserForSessionRefresh
Created: 07/Aug/20 Updated: 29/Oct/23 Resolved: 17/Aug/20

| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 3.6.20, 4.0.21 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Mark Benvenuto | Assignee: | Mark Benvenuto |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None |
| Remaining Estimate: | Not Specified |
| Time Spent: | Not Specified |
| Original Estimate: | Not Specified |
| Issue Links: | |
| Backwards Compatibility: | Fully Compatible |
| Operating System: | ALL |
| Backport Requested: | v3.6 |
| Sprint: | Security 2020-08-24 |
| Participants: | |
| Linked BF Score: | 15 |
| Description |

In 3.6 and 4.0, a User object may be leaked in AuthorizationManager::acquireUserForSessionRefresh if an error condition block is taken. The User object's ref count must be decremented in this error block. The affected code is only in 3.6 and 4.0. It was rewritten in 4.2.
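
The bug class described above, as an added toy model in C++ that is not MongoDB source code: `ToyAuthzManager`, `refreshLeaky`, `refreshFixed`, `refreshGuarded` and `outstandingRefs` are hypothetical names, and the `valid` flag stands in for whatever the real error block checks. It goes one step beyond the description by also showing a scope guard that releases the reference on every early return.

```cpp
// Toy model of the bug class: constructed for illustration, not MongoDB source.
#include <map>
#include <string>

struct User { bool valid = true; int refCount = 0; };  // manually ref-counted

class ToyAuthzManager {  // hypothetical stand-in for a ref-counting user cache
public:
    // `valid` stands in for whatever check the error block tests.
    explicit ToyAuthzManager(bool valid) { _cache["alice"].valid = valid; }
    User* acquireUser(const std::string& n) {
        auto it = _cache.find(n);
        if (it == _cache.end()) return nullptr;
        ++it->second.refCount;  // caller now owns one reference
        return &it->second;
    }
    void releaseUser(User* u) { --u->refCount; }
    int refCount(const std::string& n) const { return _cache.at(n).refCount; }
    // Before: the error block returns while still holding the reference.
    User* refreshLeaky(const std::string& n) {
        User* u = acquireUser(n);
        if (u && !u->valid) return nullptr;  // reference is never dropped
        return u;
    }
    // After, as the description requires: decrement in the error block.
    User* refreshFixed(const std::string& n) {
        User* u = acquireUser(n);
        if (u && !u->valid) { releaseUser(u); return nullptr; }
        return u;
    }
    // Generalization: a guard releases on every early return unless disarmed.
    User* refreshGuarded(const std::string& n) {
        struct Guard {
            ToyAuthzManager& m; User* u;
            ~Guard() { if (u) m.releaseUser(u); }
        } g{*this, acquireUser(n)};
        if (!g.u || !g.u->valid) return nullptr;
        User* out = g.u; g.u = nullptr;  // success: caller takes the reference
        return out;
    }
private:
    std::map<std::string, User> _cache;
};
// References still outstanding after one refresh and, on success, one release.
int outstandingRefs(int variant, bool valid) {
    ToyAuthzManager mgr(valid);
    User* u = variant == 0 ? mgr.refreshLeaky("alice")
            : variant == 1 ? mgr.refreshFixed("alice") : mgr.refreshGuarded("alice");
    if (u) mgr.releaseUser(u);
    return mgr.refCount("alice");
}
```

A nonzero result from `outstandingRefs` means the object can never reach a count of zero, which is the leak the ticket fixes.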
| Comments |
| Comment by Githook User [ 19/Aug/20 ] |

Author: {'name': 'Mark Benvenuto', 'email': 'mark.benvenuto@mongodb.com', 'username': 'markbenvenuto'}
Message: (cherry picked from commit 0a1b7e768ca29e2cb232c1af70beb55485fc96cb)
| Comment by Githook User [ 17/Aug/20 ] |

Author: {'name': 'Mark Benvenuto', 'email': 'mark.benvenuto@mongodb.com', 'username': 'markbenvenuto'}
Message: