[SERVER-60326] Windows Server fails to start when X509 certificate has empty subject name Created: 29/Sep/21 Updated: 29/Oct/23 Resolved: 18/Oct/21 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | 4.4.7 |
| Fix Version/s: | 4.4.11, 5.0.4, 5.1.0-rc0 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Spencer Jackson | Assignee: | Erwin Pe |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||
| Operating System: | ALL | ||||||||
| Backport Requested: |
v5.0, v4.4
|
||||||||
| Sprint: | Security 2021-10-04, Security 2021-10-18 | ||||||||
| Participants: | |||||||||
| Case: | (copied to CRM) | ||||||||
| Description |
|
MongoDB 4.4.7 fails to start when provided an X.509 certificate whose subject name is empty. Windows provides us with the number of subject name RDNs as an unsigned integer, from which we subtract 1. The arithmetic on value line is going to be on unsigned 32bit types. Unsigned arithmetic has defined over/underflow semantics. 0 - 1 will evaluate to a large number which can be correctly assigned to i. |
| Comments |
| Comment by Githook User [ 21/Oct/21 ] |
|
Author: {'name': 'Erwin Pe', 'email': 'erwin.pe@mongodb.com', 'username': 'erwee'}Message: (cherry picked from commit 7a68603aed1dd0b75caf0faae3a9986886af0f18) |
| Comment by Githook User [ 19/Oct/21 ] |
|
Author: {'name': 'Erwin Pe', 'email': 'erwin.pe@mongodb.com', 'username': 'erwee'}Message: (cherry picked from commit 7a68603aed1dd0b75caf0faae3a9986886af0f18) |
| Comment by Githook User [ 15/Oct/21 ] |
|
Author: {'name': 'Erwin Pe', 'email': 'erwin.pe@mongodb.com', 'username': 'erwee'}Message: |